Hamkovic

**Name of the Vulnerable Software and Affected Versions** Mail Masta plugin version 1.0 **Description** A SQL injection issue is present, which can be exploited with WordPress admin access. This issue affects the ./inc/campaign/view-campaign-list.php file, specifically the `id` GET parameter. **Recommendations** For Mail Masta plugin version 1.0, avoid using the `id` parameter in the ./inc/campaign/view-campaign-list.php file until the issue is resolved. As a temporary workaround, consider restricting access to the view-campaign-list.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mail Masta plugin version 1.0 **Description** A SQL injection issue is present, which can be exploited with WordPress admin access. The issue affects the ./inc/lists/edit-list.php file, specifically with the `id` GET parameter. **Recommendations** For Mail Masta plugin version 1.0, avoid using the `id` parameter in the ./inc/lists/edit-list.php file until a fix is available. As a temporary workaround, consider restricting access to the edit-list.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mail Masta plugin version 1.0 **Description** A SQL injection issue is present, which can be exploited with WordPress admin access. This issue affects the ./inc/lists/edit member.php file, specifically with the `filter list` GET parameter. **Recommendations** For Mail Masta plugin version 1.0, avoid using the `filter list` parameter in the ./inc/lists/edit member.php file until a fix is available. As a temporary workaround, consider restricting access to the edit member.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mail Masta plugin version 1.0 **Description** A SQL injection issue is present, which can be exploited with WordPress admin access. This issue affects the ./inc/lists/edit member.php file, specifically with the `member id` GET parameter. **Recommendations** For Mail Masta plugin version 1.0, consider restricting access to the ./inc/lists/edit member.php file or avoiding the use of the `member id` parameter until a fix is available. As a temporary workaround, disabling the edit member.php functionality could help minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mail Masta plugin version 1.0 **Description** A SQL injection issue is present, which can be exploited with WordPress admin access. This issue affects the ./inc/subscriber list.php file, specifically the `subscriber email` parameter in POST requests. **Recommendations** For Mail Masta plugin version 1.0, avoid using the `subscriber email` parameter in the affected ./inc/subscriber list.php file until the issue is resolved. As a temporary workaround, consider restricting access to the ./inc/subscriber list.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.