Approved changes feed: RSS · Atom

cpe:2.3:a:kibokolabs:arigato_autoresponder_and_newsletter:2.5.1.7:*:*:*:*:wordpress:*:*

part: a version: 2.5.1.7 update: *

VendorKibokolabs (94c96222-e91f-5c0c-83ed-9f4ab2c7eef0)
ProductArigato Autoresponder And Newsletter (d5abea8b-b154-5327-97c1-2782cc926764)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/bft-autoresponder purl2cpe 2026-06-01 10:12:20.594856

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2018-18461 vulnerable 2026-06-08 05:11:14.023409 Details available
The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.
Published: 2018-10-18T06:00:00.000Z
Updated: 2024-08-05T11:08:21.952Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.