> An issue was discovered in Hue Ghost CMS Theme for Podcasting 3.x.x. > Their is no rate limit on the newsletter subscribe button. > For example, an attacker who controls one email address can send a thousand subscription requests. > > ------------------------------------------ > > [Additional Information] > Affected Product link > https://themeforest.net/item/hue-ghost-cms-theme-for-podcasting/25729319 > Vendor Link > https://themeforest.net/user/aspirethemes > > Means i can use any one email and send them 1000 mail.Affecting status of the company. > > ------------------------------------------ > > [VulnerabilityType Other] > No rate Limit > > ------------------------------------------ > > [Vendor of Product] > aspirethemes > > ------------------------------------------ > > [Affected Product Code Base] > Hue - Ghost CMS Theme for Podcasting. https://themeforest.net/item/hue-ghost-cms-theme-for-podcasting/25729319 - Ghost 3.x.x > > ------------------------------------------ > > [Affected Component] > User > > ------------------------------------------ > > [Attack Type] > Remote > > ------------------------------------------ > > [Impact Denial of Service] > true > > ------------------------------------------ > > [Attack Vectors] > Their is no rate limit vulnerability on email subscribe > > ------------------------------------------ > > [Reference] > https://themeforest.net/item/hue-ghost-cms-theme-for-podcasting/25729319 > https://themeforest.net/user/aspirethemes > > ------------------------------------------ > > [Discoverer] > Aaryan Saharan