Cross-Site Request Forgery (CSRF) vulnerability in M&S Consulting Email Before Download.This issue affects Email Before Download: from n/a through...
4.3CVSS
5.6AI Score
0.0004EPSS
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL injection...
8.8CVSS
8.9AI Score
0.001EPSS
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information...
5.3CVSS
5.1AI Score
0.433EPSS