104 matches found
CVE-2022-47600
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Mass Email To users plugin = 1.1.4 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Mass Email To users plugin = 1.1.4 versions...
PT-2023-15424 · I Thirteen Web Solution · Mass Email To Users Plugin
Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution Mass Email To users plugin versions 1.1.4 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website,...
WordPress WP Reroute Email Plugin <= 1.4.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Reroute Email Type Plugin Vulnerable versions = 1.4.6 Fixed in 1.4.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27606 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 0d6c514b89f2 Credits Mika Required...
CVE-2023-23982
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPGear.Pro WPFrom Email plugin = 1.8.8 versions...
CVE-2023-23982 WordPress WPFrom Email Plugin <= 1.8.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPGear.Pro WPFrom Email plugin = 1.8.8 versions...
CVE-2023-23982 WordPress WPFrom Email Plugin <= 1.8.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPGear.Pro WPFrom Email plugin = 1.8.8 versions...
CVE-2015-10078
A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...
CVE-2015-10078
The CVE-2015-10078 entry concerns the atwellpub Resend Welcome Email Plugin for WordPress (version 1.0.1). The vulnerability affects the function send_welcome_email_url in the file resend-welcome-email.php, enabling cross-site scripting. It can be triggered remotely. A fix is available in version...
CVE-2015-10078 atwellpub Resend Welcome Email Plugin resend-welcome-email.php send_welcome_email_url cross site scripting
A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...
PT-2023-10257 · Atwellpub · Atwellpub Resend Welcome Email Plugin
Name of the Vulnerable Software and Affected Versions: atwellpub Resend Welcome Email Plugin version 1.0.1 Description: A problematic issue has been found in the atwellpub Resend Welcome Email Plugin, affecting the send welcome email url function of the file resend-welcome-email.php. This issue...
CVE-2022-42699
Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin = 1.5.1 on WordPress...
WordPress WP-EMail plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP-EMail plugin versions prior to 2.69.0 are vulnerable to cross-site request forgery, whic...
CVE-2022-1614
The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based anti-spamming restrictions...
CVE-2022-1630
The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack...
CVE-2022-1547
The Check & Log Email WordPress plugin before 1.0.6 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...
WordPress plugin cross-site scripting vulnerability (CNVD-2021-102401)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the Check ...
Cross site scripting
The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin Contact Form Email, which stems from...