11 matches found
EUVD-2024-35427
Malicious code in bioql PyPI...
CVE-2024-35668
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue allows Reflected XSS.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/...
PT-2024-39043 · Brevo · The Newsletter
Name of the Vulnerable Software and Affected Versions: The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo plugin for WordPress versions up to, and including, 3.1.87 Description: The issue is due to missing or incorrect nonce validation on the Init function, making it possible for...
CVE-2024-43287
Cross-Site Request Forgery CSRF vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82...
CVE-2024-43287
Cross-Site Request Forgery CSRF vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82...
CVE-2024-43287
Cross-Site Request Forgery CSRF vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82...
CVE-2024-43287
CVE-2024-43287 is a CSRF vulnerability in Brevo (Sendinblue) WordPress plugin forms (Newsletter, SMTP, Email marketing and Subscribe forms). The vulnerability affects Brevo forms up to version 3.1.82. The connected PT security entry recommends upgrading to 3.1.83 as the remediation. Other sources...
PT-2024-30452 · Sendinblue · Brevo Newsletter
Name of the Vulnerable Software and Affected Versions: Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue versions 3.1.82 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the Brevo Newsletter, SMTP, Email marketing, and Subscribe forms by Sendinblue...
CVE-2024-35668
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue allows Reflected XSS.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/...
CVE-2024-35668
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue allows Reflected XSS.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/...
PT-2024-26615 · Sendinblue · Brevo Newsletter
Name of the Vulnerable Software and Affected Versions: Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue versions n/a through 3.1.77 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS,...