Lucene search
K

28 matches found

Vulnrichment
Vulnrichment
added 2025/12/02 4:37 a.m.5 views

CVE-2025-13387 Kadence WooCommerce Email Designer <= 1.5.17 - Unauthenticated Stored Cross-Site Scripting

The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS4.9AI score0.00275EPSS
Exploits0References2
CVE
CVE
added 2025/12/02 4:37 a.m.16 views

CVE-2025-13387

CVE-2025-13387 affects Kadence WooCommerce Email Designer for WordPress. The WordPress plugin is vulnerable to unauthenticated stored cross-site scripting via the customer name in all versions up to 1.5.17 due to insufficient input sanitization and output escaping. Several connected sources confi...

7.2CVSS4.9AI score0.00275EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-11308

Malicious code in bioql PyPI...

9.1CVSS9.2AI score0.00498EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-42722

Malicious code in bioql PyPI...

7.2CVSS6.9AI score0.0115EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.3 views

CVE-2025-54697

Incorrect Privilege Assignment vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Privilege Escalation.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.16...

7.2CVSS5.9AI score0.00376EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.2 views

WordPress plugin Kadence WooCommerce Email Designer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

7.2CVSS6.8AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.9 views

CVE-2023-47186

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

8.8CVSS8.5AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.11 views

CVE-2022-3335

The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog...

7.2CVSS6.8AI score0.0115EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/25 3:49 p.m.8 views

CVE-2025-39557

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS7.2AI score0.00498EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 1:15 p.m.8 views

CVE-2025-39557

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS0.00498EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:44 p.m.50 views

CVE-2025-39557

CVE-2025-39557 — Kadence WooCommerce Email Designer (WordPress plugin) exposes an Unrestricted Upload of File with Dangerous Type, allowing an attacker to upload a web shell. Affected: Kadence WooCommerce Email Designer versions up to and including 1.5.14. Impact is consistent with file-upload vu...

9.1CVSS7.2AI score0.00498EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 12:44 p.m.25 views

CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS0.00498EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 12:44 p.m.10 views

CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...

9.1CVSS8.6AI score0.00498EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.8 views

PT-2025-16653 · Kadence · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions 1.5.14 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. Recommendations: For...

9.1CVSS9.2AI score0.00498EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.16 views

WordPress Kadence WooCommerce Email Designer Plugin < 1.5.7 PHP Object Injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...

7.2CVSS7.1AI score0.0115EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.26 views

WordPress Kadence WooCommerce Email Designer Plugin < 1.5.12 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...

8.8CVSS7AI score0.00234EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/11/06 12:15 p.m.5 views

CVE-2023-47186

A vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.11...

8.8CVSS8.5AI score0.00234EPSS
Exploits0References3
NVD
NVD
added 2023/11/06 12:15 p.m.23 views

CVE-2023-47186

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

8.8CVSS8.8AI score0.00234EPSS
Exploits0References1
Prion
Prion
added 2023/11/06 12:15 p.m.18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...

6.8CVSS7.2AI score0.00234EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/06 11:25 a.m.54 views

CVE-2023-47186

CVE-2023-47186 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Kadence WP Kadence WooCommerce Email Designer plugin, affecting versions ≤ 1.5.11. The NVD/NVD-derived metrics indicate a high impact (C, I, A = High) with CVSSv3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. PatchStac...

8.8CVSS8.8AI score0.00234EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder