Lucene search
K

92 matches found

Nuclei
Nuclei
added 11 hours ago51 views

Mail Mint < 1.19.5 - Unauthenticated Email Disclosure

Mail Mint WordPress plugin 1.19.5 contains an information disclosure vulnerability caused by lack of authorization in a REST API endpoint, letting unauthenticated users retrieve email addresses of blog users, exploit requires no authentication. id: CVE-2026-2025 info: name: Mail Mint 1.19.5 -...

7.5CVSS6.1AI score0.01379EPSS
Exploits0References3
NVD
NVD
added 3 days ago6 views

CVE-2026-12918

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00319EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago10 views

EUVD-2026-42862

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References6
CVE
CVE
added 3 days ago13 views

CVE-2026-12918

Summary of CVE-2026-12918 (Mail Mint WordPress plugin) : The plugin (versions up to and including 1.24.1) is vulnerable to a general SQL Injection via the recipients parameter due to insufficient escaping and unsafe query construction. This is a second-order injection: an attacker with authentica...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References6
Patchstack
Patchstack
added 4 days ago4 views

WordPress Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 1.24.1 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Mail Mint versions = 1.24.1...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References1Affected Software1
NVD
NVD
added 4 days ago8 views

CVE-2026-14342

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00266EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-14342 Mail Mint <= 1.24.2 - Authenticated (Administrator+) SQL Injection via 'contact_ids' Parameter

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00266EPSS
Exploits0References5
CVE
CVE
added 4 days ago11 views

CVE-2026-14342

The Mail Mint WordPress plugin (Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails) is affected up to version 1.24.2 by a time-based SQL Injection via the contact_ids parameter. The root cause is insufficient escaping of user input and lack of proper SQL query preparat...

4.9CVSS6AI score0.00266EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42545

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6AI score0.00266EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-14342

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6AI score0.00266EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-27349

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.5AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/05/21 9:16 a.m.18 views

CVE-2026-27349

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS0.00171EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 8:21 a.m.22 views

CVE-2026-27349

CVE-2026-27349 affects the WordPress Mail Mint plugin (versions

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 8:21 a.m.9 views

CVE-2026-27349

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/21 8:21 a.m.9 views

CVE-2026-27349 WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 8:21 a.m.43 views

CVE-2026-27349 WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 8:21 a.m.12 views

EUVD-2026-31249

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/21 8:20 a.m.10 views

WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Mail Mint versions = 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.14 views

PT-2026-42433

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.8 views

WordPress plugin Mail Mint 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
Rows per page
Query Builder