Lucene search
K

101 matches found

CNNVD
CNNVD
added 2023/07/12 12:0 a.m.9 views

WordPress Plugin WP Mail Log 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.2CVSS6.6AI score0.00458EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/07/06 12:0 a.m.12 views

WordPress WP Mail Log Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Mail Log Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3088 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID c9c7904c5be6 Credits Alex Thomas Required privile...

7.2CVSS5.7AI score0.00458EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.21 views

WP Mail Log < 1.1.2 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitize and escape email contents, leading to a potential Stored Cross-Site Scripting vulnerability. This issue allows for arbitrary web scripts to be injected into pages, which will execute when a user accesses an affected page...

7.2CVSS5.9AI score0.00458EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/02 9:22 p.m.4 views

CVE-2022-45807

Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...

8.8CVSS5.8AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2023/02/02 9:22 p.m.20 views

CVE-2022-45807

Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...

8.8CVSS6.5AI score0.00264EPSS
Exploits0References1
Prion
Prion
added 2023/02/02 9:22 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...

6.8CVSS8.8AI score0.00264EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/02 4:12 p.m.11 views

CVE-2022-45807 WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...

5.4CVSS8.1AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/02 4:12 p.m.23 views

CVE-2022-45807 WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...

5.4CVSS9AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2023/02/02 4:12 p.m.48 views

CVE-2022-45807

CVE-2022-45807 is a CSRF vulnerability in the WPVibes WP Mail Log plugin, affecting versions &lt;= 1.0.1. The NVD entry reports a CVSS v3.1 base score of 8.8 (HIGH) with network attack vector, requiring user interaction and no privileges, and impact to confidentiality, integrity, and availability...

8.8CVSS8.1AI score0.00264EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/02/02 12:0 a.m.6 views

WordPress Plugin WP Mail Log 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS7.8AI score0.00264EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/02 12:0 a.m.5 views

PT-2023-14759 · Wpvibes · Wpvibes Wp Mail Log

Name of the Vulnerable Software and Affected Versions: WPVibes WP Mail Log plugin versions 1.0.1 and earlier Description: The issue is related to Cross-Site Request Forgery CSRF in the WPVibes WP Mail Log plugin. This means an attacker can trick a user into performing unintended actions on a web...

8.8CVSS8.4AI score0.00264EPSS
Exploits0References4
OSV
OSV
added 2020/05/11 4:15 p.m.4 views

CVE-2020-12784

cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...

5.3CVSS6.1AI score0.01251EPSS
Exploits0References2
NVD
NVD
added 2020/05/11 4:15 p.m.30 views

CVE-2020-12784

cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...

5.3CVSS5.3AI score0.01251EPSS
Exploits0References2
Prion
Prion
added 2020/05/11 4:15 p.m.14 views

Design/Logic Flaw

cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...

5CVSS5.4AI score0.01251EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/05/11 3:49 p.m.58 views

CVE-2020-12784

CVE-2020-12784 affects cPanel prior to 86.0.14. The issue allows remote attackers to trigger a bandwidth suspension by abusing specific mail log strings (SEC-505). Public references (NVD/Red Hat/CVE listings) corroborate a network-trajectory issue with low attack complexity and no authentication ...

5.3CVSS5.3AI score0.01251EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/05/11 3:49 p.m.30 views

CVE-2020-12784

cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...

5.4AI score0.01251EPSS
Exploits0References1
NVD
NVD
added 2012/08/13 6:55 p.m.21 views

CVE-2012-2324

Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...

7.5CVSS8.4AI score0.01047EPSS
Exploits0References4
Prion
Prion
added 2012/08/13 6:55 p.m.20 views

Sql injection

Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...

7.5CVSS9.2AI score0.01047EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2010/10/19 12:0 a.m.16 views

Mandriva Update for mailgraph MDVA-2010:206 (mailgraph)

Check for the Version of mailgraph OpenVAS Vulnerability Test Mandriva Update for mailgraph MDVA-2010:206 mailgraph Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

0.5AI score
Exploits0References2
NVD
NVD
added 2001/07/04 4:0 a.m.17 views

CVE-2001-1075

poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file...

5CVSS6.8AI score0.02734EPSS
Exploits1References4
Rows per page
Query Builder