28 matches found
CVE-2025-13387 Kadence WooCommerce Email Designer <= 1.5.17 - Unauthenticated Stored Cross-Site Scripting
The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-13387
CVE-2025-13387 affects Kadence WooCommerce Email Designer for WordPress. The WordPress plugin is vulnerable to unauthenticated stored cross-site scripting via the customer name in all versions up to 1.5.17 due to insufficient input sanitization and output escaping. Several connected sources confi...
EUVD-2025-11308
Malicious code in bioql PyPI...
EUVD-2022-42722
Malicious code in bioql PyPI...
CVE-2025-54697
Incorrect Privilege Assignment vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Privilege Escalation.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.16...
WordPress plugin Kadence WooCommerce Email Designer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
CVE-2023-47186
Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...
CVE-2022-3335
The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog...
CVE-2025-39557
Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...
CVE-2025-39557
Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...
CVE-2025-39557
CVE-2025-39557 — Kadence WooCommerce Email Designer (WordPress plugin) exposes an Unrestricted Upload of File with Dangerous Type, allowing an attacker to upload a web shell. Affected: Kadence WooCommerce Email Designer versions up to and including 1.5.14. Impact is consistent with file-upload vu...
CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...
CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.14...
PT-2025-16653 · Kadence · Kadence Woocommerce Email Designer
Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions 1.5.14 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. Recommendations: For...
WordPress Kadence WooCommerce Email Designer Plugin < 1.5.7 PHP Object Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...
WordPress Kadence WooCommerce Email Designer Plugin < 1.5.12 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kadencewp:kadencewoocommerceemaildesigner"; ifdescription...
CVE-2023-47186
A vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.11...
CVE-2023-47186
Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin = 1.5.11 versions...
CVE-2023-47186
CVE-2023-47186 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Kadence WP Kadence WooCommerce Email Designer plugin, affecting versions ≤ 1.5.11. The NVD/NVD-derived metrics indicate a high impact (C, I, A = High) with CVSSv3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. PatchStac...