318 matches found
EUVD-2022-2720
Malicious code in bioql PyPI...
EUVD-2022-2513
Malicious code in bioql PyPI...
EUVD-2023-0746
Malicious code in bioql PyPI...
EUVD-2024-27276
Malicious code in bioql PyPI...
EUVD-2023-44361
Malicious code in bioql PyPI...
CVE-2025-60447
A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists in the email template configuration component located at /admin/setting.php?action=mail, which allows administrators to input HTML code that is not properly sanitized, leading to...
PT-2025-40525
Name of the Vulnerable Software and Affected Versions Emlog Pro version 2.5.19 Description A stored Cross-Site Scripting XSS issue has been identified. The vulnerability is located in the email template configuration component at the /admin/setting.php?action=mail API endpoint. This allows...
CVE-2025-60447
A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists in the email template configuration component located at /admin/setting.php?action=mail, which allows administrators to input HTML code that is not properly sanitized, leading to...
Emlog Pro 安全漏洞
Emlog Pro is a blogging system from Emlog Open Source. A security vulnerability exists in Emlog Pro version 2.5.19, which stems from an email template configuration component that does not properly clean up its HTML code and could lead to a stored cross-site scripting attack...
CVE-2025-60447
CVE-2025-60447 describes a stored XSS in Emlog Pro 2.5.19, in the email template configuration page (/admin/setting.php?action=mail). User input HTML is not sanitized, allowing persistent JavaScript execution. Connected advisories (Red Hat, CVE listings, PT Security) corroborate the issue and sug...
WordPress Email Template Customizer for WooCommerce plugin <= 1.2.17 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin Email Template Customizer for WooCommerce versions = 1.2.17...
CVE-2025-58800
Cross-Site Request Forgery CSRF vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through = 2.8.6...
CVE-2025-41042
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataOptionmessage', 'dataOptionsubject' and 'dataOptiontemplatetype' parameters in /apprain/information/manage/emailtemplate/ad...
CVE-2025-58800
Cross-Site Request Forgery CSRF vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through = 2.8.5...
CVE-2025-58800
Cross-Site Request Forgery CSRF vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through = 2.8.5...
CVE-2025-58800 WordPress WP Email Template plugin <= 2.8.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through = 2.8.5...
CVE-2025-58800 WordPress WP Email Template plugin <= 2.8.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through = 2.8.5...
CVE-2025-58800
CVE-2025-58800 is a CSRF vulnerability in the WordPress plugin WP Email Template (affecting versions up to and including 2.8.3). The issue enables CSRF, allowing an authenticated attacker to perform actions on behalf of legitimate users without their knowledge. The CVSS v3.1 base score is 4.3 (Me...
WordPress WP Email Template plugin <= 2.8.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Email Template versions = 2.8.5...
PT-2025-36140
Name of the Vulnerable Software and Affected Versions: WP Email Template versions n/a through 2.8.3 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This issue allows attackers to perform actions on behalf of authenticated users without their knowledge. Recommendations:...