CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

WordPress Email Newsletter - Reflected XSS

WordPress Email Newsletter plugin through 1.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to cra...

5.4CVSS7.2AI score0.03097EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-9174

Malware in sbrugna...

9.8CVSS9.5AI score0.00614EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-51944

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00259EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-36425

Malicious code in bioql PyPI...

4.4CVSS6.6AI score0.00232EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:10 a.m.•3 views

CVE-2023-47849

Missing Authorization vulnerability in Blossom Themes BlossomThemes Email Newsletter blossomthemes-email-newsletter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BlossomThemes Email Newsletter: from n/a through = 2.2.4...

4.3CVSS7.3AI score0.00259EPSS

Exploits0References1

Patchstack•added 2025/02/03 10:4 p.m.•3 views

WordPress WP Email Newsletter plugin <= 1.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WP Email Newsletter versions = 1.1...

5.4CVSS6.4AI score0.03097EPSS

Exploits1References1Affected Software1

OSV•added 2025/02/01 6:15 a.m.•0 views

CVE-2024-13098

The WordPress Email Newsletter WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

5.4CVSS7.3AI score0.03097EPSS

Exploits1References1

Cvelist•added 2025/02/01 6:0 a.m.•9 views

CVE-2024-13098 WP Email Newsletter <= 1.1 - Reflected XSS

0.03097EPSS

Exploits1References1

CVE•added 2025/02/01 6:0 a.m.•52 views

CVE-2024-13098

CVE-2024-13098 is a WordPress Email Newsletter plugin (

5.4CVSS5.8AI score0.03097EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2025/02/01 6:0 a.m.•6 views

CVE-2024-13098 WP Email Newsletter <= 1.1 - Reflected XSS

5.3AI score0.03097EPSS

Exploits1References1

Positive Technologies•added 2025/02/01 12:0 a.m.•2 views

PT-2025-1997

Name of the Vulnerable Software and Affected Versions WordPress Email Newsletter WordPress plugin versions 1.1 and earlier Description The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page...

5.4CVSS5.3AI score0.03097EPSS

Exploits1References7

NVD•added 2024/12/09 1:15 p.m.•4 views

CVE-2023-47849

4.3CVSS0.00259EPSS

Exploits0References1

Vulnrichment•added 2024/12/09 11:30 a.m.•8 views

CVE-2023-47849 WordPress BlossomThemes Email Newsletter plugin <= 2.2.4 - Broken Access Control vulnerability

4.3CVSS7.3AI score0.00259EPSS

Exploits0References1

OSV•added 2024/06/26 11:15 a.m.•0 views

CVE-2024-37098

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

9.8CVSS5.8AI score0.00232EPSS

Exploits0References1

NVD•added 2024/06/26 11:15 a.m.•17 views

CVE-2024-37098

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

9.8CVSS0.00232EPSS

Exploits0References1

Vulnrichment•added 2024/06/26 10:54 a.m.•26 views

CVE-2024-37098 WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

4.4CVSS7AI score0.00232EPSS

Exploits0References1

CVE•added 2024/06/26 10:54 a.m.•44 views

CVE-2024-37098

CVE-2024-37098: BlossomThemes Email Newsletter plugin contains an authenticated SSRF vulnerability affecting BlossomThemes Email Newsletter versions up to 2.2.6. Patch available to 2.2.7 (wording from PatchStack reference). Impact and exploit details are not elaborated in the provided documents b...

9.8CVSS5.2AI score0.00232EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/06/26 10:54 a.m.•22 views

CVE-2024-37098 WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

4.4CVSS0.00232EPSS

Exploits0References1

Patchstack•added 2024/06/20 8:37 a.m.•1 views

WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin BlossomThemes Email Newsletter versions = 2.2.6...

9.8CVSS7AI score0.00232EPSS

Exploits0Affected Software1

Patchstack•added 2024/06/20 12:0 a.m.•8 views

WordPress BlossomThemes Email Newsletter Plugin <= 2.2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software BlossomThemes Email Newsletter Type Plugin Vulnerable versions = 2.2.6 Fixed in 2.2.7 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-37098 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 21a43a2470ce...

4.4CVSS6.7AI score0.00232EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by