CVE-2013-3264

Name of the Vulnerable Software and Affected Versions WP Ultimate Email Marketer plugin version 1.1.0 and possibly earlier

Description The issue concerns improper access restriction to certain API endpoints, specifically "list/edit.php" and "campaign/editCampaign.php", allowing remote attackers to modify sensitive data.

Recommendations For WP Ultimate Email Marketer plugin version 1.1.0 and possibly earlier, consider restricting access to the "list/edit.php" and "campaign/editCampaign.php" endpoints until a proper fix is available. As a temporary workaround, limit the functionality of these endpoints to prevent unauthorized data modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.