Vulnerabilities (CVE)

Filtered by vendor Fp Newsletter Project Subscribe
Filtered by product Fp Newsletter
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47411 1 Fp Newsletter Project 1 Fp Newsletter 2024-11-21 N/A 9.1 CRITICAL
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.
CVE-2022-47410 1 Fp Newsletter Project 1 Fp Newsletter 2024-11-21 N/A 9.1 CRITICAL
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.
CVE-2022-47409 1 Fp Newsletter Project 1 Fp Newsletter 2024-11-21 N/A 9.1 CRITICAL
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations.
CVE-2022-47408 1 Fp Newsletter Project 1 Fp Newsletter 2024-11-21 N/A 9.1 CRITICAL
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.