KBAZ@SOGETI_ESEC

2 exploits Active since Jan 2020
CVE-2019-20361 NOMISEC CRITICAL WORKING POC
Icegram Email Subscribers & Newsletters < 4.3.1 - SQL Injection
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).
CVSS 9.8
CVE-2019-20361 EXPLOITDB CRITICAL bash WORKING POC
Icegram Email Subscribers & Newsletters < 4.3.1 - SQL Injection
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).
CVSS 9.8