Lucene search
K

59 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.11 views

CVE-2023-47186

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

8.8CVSS8.5AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.12 views

CVE-2022-3335

The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog...

7.2CVSS6.8AI score0.0115EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/25 3:49 p.m.8 views

CVE-2025-39557

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS7.2AI score0.00544EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 1:15 p.m.8 views

CVE-2025-39557

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS0.00544EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 12:44 p.m.10 views

CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS8.6AI score0.00544EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:44 p.m.51 views

CVE-2025-39557

CVE-2025-39557 — Kadence WooCommerce Email Designer (WordPress plugin) exposes an Unrestricted Upload of File with Dangerous Type, allowing an attacker to upload a web shell. Affected: Kadence WooCommerce Email Designer versions up to and including 1.5.14. Impact is consistent with file-upload vu...

9.1CVSS7.2AI score0.00544EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 12:44 p.m.26 views

CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS0.00544EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.10 views

PT-2025-16653 · Kadence · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions 1.5.14 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. Recommendations: For...

9.1CVSS9.2AI score0.00544EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.17 views

WordPress Kadence WooCommerce Email Designer Plugin < 1.5.7 PHP Object Injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...

7.2CVSS7.1AI score0.0115EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.27 views

WordPress Kadence WooCommerce Email Designer Plugin < 1.5.12 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...

8.8CVSS7AI score0.00234EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/11/07 12:0 a.m.21 views

Kadence WooCommerce Email Designer < 1.5.12 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00234EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/11/06 12:15 p.m.5 views

CVE-2023-47186

A vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.11...

8.8CVSS8.5AI score0.00234EPSS
Exploits0References3
OSV
OSV
added 2023/11/06 12:15 p.m.7 views

CVE-2023-47186

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

8.8CVSS7.3AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2023/11/06 12:15 p.m.35 views

CVE-2023-47186

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

8.8CVSS8.8AI score0.00234EPSS
Exploits0References1
Prion
Prion
added 2023/11/06 12:15 p.m.20 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

6.8CVSS7.2AI score0.00234EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/06 11:25 a.m.32 views

CVE-2023-47186 WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

4.3CVSS9.1AI score0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/06 11:25 a.m.17 views

CVE-2023-47186 WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

4.3CVSS7AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2023/11/06 11:25 a.m.55 views

CVE-2023-47186

CVE-2023-47186 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Kadence WP Kadence WooCommerce Email Designer plugin, affecting versions ≤ 1.5.11. The NVD/NVD-derived metrics indicate a high impact (C, I, A = High) with CVSSv3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. PatchStac...

8.8CVSS8.8AI score0.00234EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.4 views

PT-2023-30352 · Kadence · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WP Kadence WooCommerce Email Designer plugin versions = 1.5.11 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...

8.8CVSS8.8AI score0.00234EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.7 views

WordPress Plugin Kadence WooCommerce Email Designer Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS6.5AI score0.00234EPSS
Exploits0References2
Rows per page
Query Builder