24 matches found
EUVD-2025-17247
Malicious code in bioql PyPI...
EUVD-2024-36654
Malicious code in bioql PyPI...
EUVD-2024-36653
Malicious code in bioql PyPI...
EUVD-2024-36694
Malicious code in bioql PyPI...
EUVD-2024-40617
Malicious code in bioql PyPI...
CVE-2025-49325
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...
CVE-2025-49325
CVE-2025-49325 – Open Redirect in Newspack Newsletters (Automattic) allows phishing via URL redirection. Affected: Newspack Newsletters
PT-2025-24249 · Automattic · Newspack Newsletters
Name of the Vulnerable Software and Affected Versions: Automattic Newspack Newsletters versions prior to 3.13.0 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which allows phishing attacks. Recommendations: For versions...
CVE-2024-37476
Cross Site Scripting XSS vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1...
CVE-2024-37474
Cross Site Scripting XSS vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1...
CVE-2024-37242
Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...
CVE-2024-37115
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8...
CVE-2024-37242
Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...
CVE-2024-37242 WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...
CVE-2024-37242
CVE-2024-37242 is a Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters, affecting version range n/a through 2.13.2. The connected records confirm the issue as a CSRF flaw in the WordPress plugin and reference public disclosures; no exploitation details or official ...
CVE-2024-37475
Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...
CVE-2024-37475 WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...
CVE-2024-43968 WordPress Newspack plugin < 3.8.7 - Broken Access Control vulnerability
Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6...
CVE-2024-37115
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8...
CVE-2024-37115
CVE-2024-37115 affects WordPress plugin Newspack Blocks (versions up to 3.0.8). The vulnerability exposes sensitive information to an unauthenticated actor (Unauthenticated Sensitive Information Exposure). CVSSv3.1 base score 7.5 (HIGH); attack vector NETWORK, no authentication required, confiden...