52 matches found
EUVD-2021-11440
Malware in sbrugna...
EUVD-2023-43775
Malicious code in bioql PyPI...
EUVD-2025-3929
Malicious code in bioql PyPI...
EUVD-2024-50316
Malicious code in bioql PyPI...
EUVD-2023-12305
Malicious code in bioql PyPI...
CVE-2025-24739
Cross-Site Request Forgery CSRF vulnerability in Shahjahan Jewel FluentSMTP fluent-smtp allows Cross Site Request Forgery.This issue affects FluentSMTP: from n/a through = 2.2.80...
CVE-2023-3087
The FluentSMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2023-0219
The FluentSMTP WordPress plugin before 2.2.3 does not sanitize or escape email content, making it vulnerable to stored cross-site scripting attacks XSS when an administrator views the email logs. This exploit requires other plugins to enable users to send emails with unfiltered HTML...
CVE-2021-24528
The FluentSMTP WordPress plugin before 2.0.1 does not sanitize parameters before storing the settings in the database, nor does the plugin escape the values before outputting them when viewing the SMTP settings set by this plugin, leading to a stored cross site scripting XSS vulnerability. Only...
CVE-2024-9511
The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.82 via deserialization of untrusted input in the 'formatResult' function. This makes it...
CVE-2025-24739
Cross-Site Request Forgery CSRF vulnerability in Shahjahan Jewel FluentSMTP fluent-smtp allows Cross Site Request Forgery.This issue affects FluentSMTP: from n/a through = 2.2.80...
CVE-2025-24739 WordPress FluentSMTP plugin <= 2.2.80 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Shahjahan Jewel FluentSMTP fluent-smtp allows Cross Site Request Forgery.This issue affects FluentSMTP: from n/a through = 2.2.80...
CVE-2025-24739
CVE-2025-24739 corresponds to a Cross-Site Request Forgery (CSRF) vulnerability in the FluentSMTP WordPress plugin. Affected versions are FluentSMTP
CVE-2025-24739 WordPress FluentSMTP plugin <= 2.2.80 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Shahjahan Jewel FluentSMTP fluent-smtp allows Cross Site Request Forgery.This issue affects FluentSMTP: from n/a through = 2.2.80...
WordPress FluentSMTP plugin <= 2.2.80 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin FluentSMTP versions = 2.2.80...
WordPress plugin FluentSMTP 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
WordPress FluentSMTP plugin <= 2.2.82 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Leo in WordPress Plugin FluentSMTP versions = 2.2.82...
WordPress FluentSMTP Plugin <= 2.2.82 is vulnerable to PHP Object Injection
Software FluentSMTP Type Plugin Vulnerable versions = 2.2.82 Fixed in 2.2.83 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-9511 Patch priority Low CVSS severity Low 9.8 Developer WP ManageNinja LLC PSID 44d93a16fa65 Credits Leo Required privilege Unauthenticated...
CVE-2024-9511
The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.82 via deserialization of untrusted input in the 'formatResult' function. This makes it...
CVE-2024-9511 FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider <= 2.2.82 - Unauthenticated PHP Object Injection
The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.82 via deserialization of untrusted input in the 'formatResult' function. This makes it...