Lucene search
+L

350 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-29248

Malicious code in bioql PyPI...

9.8CVSS8.8AI score0.00386EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-46875

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00378EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-19861

Malicious code in bioql PyPI...

7.1CVSS8.6AI score0.00394EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-15578

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.04184EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50964

Malicious code in bioql PyPI...

4.8CVSS8.7AI score0.00292EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47312

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0114EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-32576

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00392EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.11 views

CVE-2024-8254

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.7.34. This is due to the software allowing users to execute an action that do...

6.3CVSS7.3AI score0.00495EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.6 views

CVE-2024-8771

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'previewemailtemplatedesign' function in all versions up to, and including,...

4.3CVSS6.5AI score0.00361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:9 a.m.6 views

CVE-2024-2656

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a CSV import in all versions up to, and including, 5.7.14 due to insufficient input sanitization and output escapin...

4.4CVSS5.7AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:23 a.m.5 views

CVE-2024-3626

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the gettemplatecontent function in all versions up to, and including, 5.7.17. This...

4.3CVSS5.9AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.7 views

CVE-2024-31352

Missing Authorization vulnerability in Email Subscribers & Newsletters.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.13...

9.8CVSS6.9AI score0.00386EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:31 a.m.5 views

CVE-2024-5703

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized API access due to a missing capability check in all versions up to, and including, 5.7.26. This makes it possible for authenticated...

4.3CVSS5.2AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.12 views

CVE-2024-12567

The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of its form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS5.7AI score0.00292EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.8 views

CVE-2024-12568

The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of its Workflow settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example...

4.8CVSS5.7AI score0.00292EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:57 a.m.14 views

CVE-2024-12311

The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

6.5CVSS7.6AI score0.00608EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:54 a.m.14 views

CVE-2024-11636

The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of its Text Block options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for exampl...

4.8CVSS5.7AI score0.00312EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.5 views

CVE-2020-5768

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...

4.9CVSS7.3AI score0.01966EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.10 views

CVE-2020-5767

Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send forged emails by tricking legitimate users into clicking a crafted link...

6.5CVSS6.9AI score0.00917EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.6 views

CVE-2019-14364

An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpxname wp-admin/admin-ajax.php POST parameter...

6.1CVSS6.2AI score0.0133EPSS
Exploits0References1
Rows per page
Query Builder