Lucene search
K

104 matches found

OSV
OSV
added 2023/05/10 11:15 a.m.3 views

CVE-2022-47600

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Mass Email To users plugin = 1.1.4 versions...

6.1CVSS5.8AI score0.00382EPSS
Exploits0References1
Prion
Prion
added 2023/05/10 11:15 a.m.20 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Mass Email To users plugin = 1.1.4 versions...

5.8CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.4 views

PT-2023-15424 · I Thirteen Web Solution · Mass Email To Users Plugin

Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution Mass Email To users plugin versions 1.1.4 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website,...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/04/14 12:0 a.m.9 views

WordPress WP Reroute Email Plugin <= 1.4.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Reroute Email Type Plugin Vulnerable versions = 1.4.6 Fixed in 1.4.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27606 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 0d6c514b89f2 Credits Mika Required...

8.8CVSS7AI score0.00246EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/04/06 5:15 a.m.22 views

CVE-2023-23982

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPGear.Pro WPFrom Email plugin = 1.8.8 versions...

5.9CVSS5.4AI score0.00392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/06 4:49 a.m.9 views

CVE-2023-23982 WordPress WPFrom Email Plugin <= 1.8.8 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPGear.Pro WPFrom Email plugin = 1.8.8 versions...

5.9CVSS5.8AI score0.00392EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/06 4:49 a.m.26 views

CVE-2023-23982 WordPress WPFrom Email Plugin <= 1.8.8 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPGear.Pro WPFrom Email plugin = 1.8.8 versions...

5.9CVSS5.5AI score0.00392EPSS
Exploits0References1
NVD
NVD
added 2023/02/12 2:15 p.m.17 views

CVE-2015-10078

A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...

6.1CVSS4.5AI score0.00633EPSS
Exploits0References4
Prion
Prion
added 2023/02/12 2:15 p.m.17 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...

5.8CVSS6.5AI score0.00633EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/02/12 1:31 p.m.90 views

CVE-2015-10078

The CVE-2015-10078 entry concerns the atwellpub Resend Welcome Email Plugin for WordPress (version 1.0.1). The vulnerability affects the function send_welcome_email_url in the file resend-welcome-email.php, enabling cross-site scripting. It can be triggered remotely. A fix is available in version...

6.1CVSS4.8AI score0.00633EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/02/12 1:31 p.m.20 views

CVE-2015-10078 atwellpub Resend Welcome Email Plugin resend-welcome-email.php send_welcome_email_url cross site scripting

A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...

4CVSS6.1AI score0.00633EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/12 12:0 a.m.4 views

PT-2023-10257 · Atwellpub · Atwellpub Resend Welcome Email Plugin

Name of the Vulnerable Software and Affected Versions: atwellpub Resend Welcome Email Plugin version 1.0.1 Description: A problematic issue has been found in the atwellpub Resend Welcome Email Plugin, affecting the send welcome email url function of the file resend-welcome-email.php. This issue...

6.1CVSS6.6AI score0.00633EPSS
Exploits0References6
OSV
OSV
added 2022/12/06 11:15 p.m.1 views

CVE-2022-42699

Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin = 1.5.1 on WordPress...

8.8CVSS5.9AI score
Exploits0References1
CNVD
CNVD
added 2022/06/22 12:0 a.m.16 views

WordPress WP-EMail plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP-EMail plugin versions prior to 2.69.0 are vulnerable to cross-site request forgery, whic...

4.3CVSS2.5AI score0.00513EPSS
Exploits2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/20 11:15 a.m.4 views

CVE-2022-1614

The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based anti-spamming restrictions...

7.5CVSS7.1AI score0.01105EPSS
Exploits2References2
OSV
OSV
added 2022/06/20 11:15 a.m.3 views

CVE-2022-1630

The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack...

6.5CVSS5.8AI score0.00513EPSS
Exploits2References1
OSV
OSV
added 2022/05/23 8:16 a.m.6 views

CVE-2022-1547

The Check & Log Email WordPress plugin before 1.0.6 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.4AI score0.00757EPSS
Exploits2References1
CNVD
CNVD
added 2021/12/01 12:0 a.m.15 views

WordPress plugin cross-site scripting vulnerability (CNVD-2021-102401)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the Check ...

6.1CVSS6AI score0.00757EPSS
Exploits2References1
Prion
Prion
added 2021/11/29 9:15 a.m.14 views

Cross site scripting

The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...

2.6CVSS6.1AI score0.00757EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/11/17 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin Contact Form Email, which stems from...

4.8CVSS4.9AI score0.00598EPSS
Exploits0References3
Rows per page
Query Builder