Deactivate and delete. This plugin has been closed as of August 30, 2019 and is not available for download. Reason: Guideline Violation.
Lenon Leite discovered and reported this SQL Injection vulnerability in WordPress [GWA] AutoResponder Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has not been known to be fixed yet.
Authenticated SQL Injection (SQLi) vulnerability at &orderby
7.2
27.01.2022
CrossSite Request Forgery (CSRF) leading to Persistent CrossSite Scripting (XSS) at &Subject
4.7
27.01.2022
Multiple CrossSite Request Forgery (CSRF) vulnerabilities
5.4
27.01.2022
CrossSite Request Forgery (CSRF) leading to Multiple Persistent CrossSite Scripting (XSS)
6.1
27.01.2022
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
[GWA] AutoResponder
LinkedIn
Facebook
Twitter
Join Discord
