OliveTin's email argument makes compliance harder, enables log injection
Summary: The typeSafetyCheckEmail function in service/internal/executor/arguments.go calls log.Errorf on every invocation, including when validation succeeds (err == nil). This means every email address submitted by any user is written to the application's ERROR-level log unconditionally. Because the...
PT-2026-22464
Name of the Vulnerable Software and Affected Versions: WP Mail Logging versions prior to 1.15.1. Description: The WP Mail Logging plugin for WordPress is susceptible to PHP Object Injection in versions up to and including 1.15.0. This occurs due to the deserialization of untrusted input from the ema...
CVE-2025-13199
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and...
EUVD-2025-197700
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and...
CVE-2025-13199 code-projects Email Logging Interface signup.cpp path traversal
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and...
CVE-2025-13199
The provided connected documents describe CVE-2025-13199 as a path traversal vulnerability in code-projects Email Logging Interface 2.0, affecting an unknown function in signup.cpp. An attacker can manipulate the Username argument to traverse directories using ../filedir, with exploitation requir...
PT-2025-47055
Name of the Vulnerable Software and Affected Versions: code-projects Email Logging Interface version 2.0. Description: A path traversal issue exists due to the manipulation of the Username argument in an unknown function within the signup.cpp file. This allows for directory traversal using the...
Code-Projects Email Logging Interface security vulnerability
Code-Projects Email Logging Interface is an email logging interface for Code-Projects. Version 2.0 of Code-Projects Email Logging Interface has a security vulnerability, which stems from incorrect handling of the parameter Username in the signup.cpp file, potentially leading to path traversal...
EUVD-2020-5540
Malware in sbrugna...
EUVD-2024-46447
Malicious code in bioql PyPI...
WordPress WPExperts Post SMTP plugin authentication bypass vulnerability
WordPress WPExperts Post SMTP plugin is a plugin for optimizing the WordPress email sending process. The main features include custom email services, email logging, DNS authentication and OAuth authorization. An authentication bypass vulnerability exists in the WordPress WPExperts Post SMTP plugi...
WordPress Plugin WPExperts Post SMTP security vulnerability
WordPress WPExperts Post SMTP plugin is a plugin for optimizing the WordPress email sending process. The main features include custom email services, email logging, DNS authentication and OAuth authorization. An authentication bypass vulnerability exists in the WordPress WPExperts Post SMTP plugi...
POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress < 2.9.4 - Administrator+ SQL Injection
Description: The POST SMTP – The 1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for WordPress is vulnerable to time-based SQL Injection via the selected parameter in all versions up to, and including, 2.9.3 due to insufficient escaping on the user...
“Never Assume Anything” – Unauthenticated Stored Cross-Site Scripting Vulnerability Exposed in 14 Email Logging Plugins
“Never Assume Anything” – that is the 4th Guiding Principle written in the Security section of the WordPress Common APIs Handbook for developers. When it comes to WordPress plugin security, assumptions can be dangerous. This became evident when the Wordfence Threat Intelligence team discovered an...
SUSE CVE-2007-1717
The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...
Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting
The plugin does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting. With the "Enable Logs" setting activated: https://example.com/wp-admin/admin.php?page=check-email-logs&d="+style=animation-name:rotation+onanimationstart=alert/XSS///...
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (3)
No description provided by source. source: http://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely exploitable buffer overflow vulnerability. If Sniff...