CVE-2014-3907

Published: Aug 26, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users.

Affected (73)

Products: Mailpoet: Mailpoet Newsletters

Mailpoet

1 product

Mailpoet Newsletters

Configuration A

73 vulnerable

Vulnerable Software	Affected Versions
Mailpoet Mailpoet Newsletters	Up to 2.6.10
Mailpoet Mailpoet Newsletters	Version 0.9.1
Mailpoet Mailpoet Newsletters	Version 0.9.2
Mailpoet Mailpoet Newsletters	Version 0.9.6
Mailpoet Mailpoet Newsletters	Version 0.9
Mailpoet Mailpoet Newsletters	Version 1.0.1
Mailpoet Mailpoet Newsletters	Version 1.0
Mailpoet Mailpoet Newsletters	Version 1.1.1
Mailpoet Mailpoet Newsletters	Version 1.1.2
Mailpoet Mailpoet Newsletters	Version 1.1.3
Mailpoet Mailpoet Newsletters	Version 1.1.4
Mailpoet Mailpoet Newsletters	Version 1.1.5
Mailpoet Mailpoet Newsletters	Version 1.1
Mailpoet Mailpoet Newsletters	Version 2.0.1
Mailpoet Mailpoet Newsletters	Version 2.0.2
Mailpoet Mailpoet Newsletters	Version 2.0.3
Mailpoet Mailpoet Newsletters	Version 2.0.4
Mailpoet Mailpoet Newsletters	Version 2.0.5
Mailpoet Mailpoet Newsletters	Version 2.0.6
Mailpoet Mailpoet Newsletters	Version 2.0.7
Mailpoet Mailpoet Newsletters	Version 2.0.8
Mailpoet Mailpoet Newsletters	Version 2.0.9.5
Mailpoet Mailpoet Newsletters	Version 2.0.9
Mailpoet Mailpoet Newsletters	Version 2.0
Mailpoet Mailpoet Newsletters	Version 2.1.1
Mailpoet Mailpoet Newsletters	Version 2.1.2
Mailpoet Mailpoet Newsletters	Version 2.1.3
Mailpoet Mailpoet Newsletters	Version 2.1.4
Mailpoet Mailpoet Newsletters	Version 2.1.5
Mailpoet Mailpoet Newsletters	Version 2.1.6
Mailpoet Mailpoet Newsletters	Version 2.1.7
Mailpoet Mailpoet Newsletters	Version 2.1.8
Mailpoet Mailpoet Newsletters	Version 2.1.9
Mailpoet Mailpoet Newsletters	Version 2.1
Mailpoet Mailpoet Newsletters	Version 2.2.1
Mailpoet Mailpoet Newsletters	Version 2.2.2
Mailpoet Mailpoet Newsletters	Version 2.2.3
Mailpoet Mailpoet Newsletters	Version 2.2
Mailpoet Mailpoet Newsletters	Version 2.3.1
Mailpoet Mailpoet Newsletters	Version 2.3.2
Mailpoet Mailpoet Newsletters	Version 2.3.3
Mailpoet Mailpoet Newsletters	Version 2.3.4
Mailpoet Mailpoet Newsletters	Version 2.3.5
Mailpoet Mailpoet Newsletters	Version 2.3
Mailpoet Mailpoet Newsletters	Version 2.4.1
Mailpoet Mailpoet Newsletters	Version 2.4.2
Mailpoet Mailpoet Newsletters	Version 2.4.3
Mailpoet Mailpoet Newsletters	Version 2.4.4
Mailpoet Mailpoet Newsletters	Version 2.4
Mailpoet Mailpoet Newsletters	Version 2.5.1
Mailpoet Mailpoet Newsletters	Version 2.5.2
Mailpoet Mailpoet Newsletters	Version 2.5.3
Mailpoet Mailpoet Newsletters	Version 2.5.4
Mailpoet Mailpoet Newsletters	Version 2.5.5
Mailpoet Mailpoet Newsletters	Version 2.5.7
Mailpoet Mailpoet Newsletters	Version 2.5.8
Mailpoet Mailpoet Newsletters	Version 2.5.9.1
Mailpoet Mailpoet Newsletters	Version 2.5.9.2
Mailpoet Mailpoet Newsletters	Version 2.5.9.3
Mailpoet Mailpoet Newsletters	Version 2.5.9.4
Mailpoet Mailpoet Newsletters	Version 2.5.9
Mailpoet Mailpoet Newsletters	Version 2.5
Mailpoet Mailpoet Newsletters	Version 2.6.1
Mailpoet Mailpoet Newsletters	Version 2.6.2
Mailpoet Mailpoet Newsletters	Version 2.6.3
Mailpoet Mailpoet Newsletters	Version 2.6.4
Mailpoet Mailpoet Newsletters	Version 2.6.5
Mailpoet Mailpoet Newsletters	Version 2.6.6
Mailpoet Mailpoet Newsletters	Version 2.6.7
Mailpoet Mailpoet Newsletters	Version 2.6.8
Mailpoet Mailpoet Newsletters	Version 2.6.9
Mailpoet Mailpoet Newsletters	Version 2.6
Mailpoet Mailpoet Newsletters	Version 2.6 beta