CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-49307

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00311EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-28044

Malicious code in bioql PyPI...

5.9CVSS5.4AI score0.00207EPSS

Exploits0References1

Patchstack•added 2025/09/03 3:2 p.m.•4 views

WordPress MailOptin Plugin <= 1.2.75.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Fiqro Najiah in WordPress Plugin MailOptin versions = 1.2.75.0...

5.9CVSS6AI score0.00043EPSS

Exploits0Affected Software1

Cvelist•added 2025/09/03 2:36 p.m.•10 views

CVE-2025-58596 WordPress MailOptin Plugin <= 1.2.75.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in properfraction MailOptin mailoptin allows Stored XSS.This issue affects MailOptin: from n/a through = 1.2.75.0...

5.9CVSS0.00043EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:16 a.m.•5 views

CVE-2024-8628

The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-meta' shortcode in all versions up to, and including, 1.2.70.3 due to insufficient input sanitization and output escaping o...

5.4CVSS5.8AI score0.00311EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:12 a.m.•3 views

CVE-2023-23980

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in MailOptin Popup Builder Team MailOptin plugin = 1.2.54.0 versions...

5.9CVSS5.6AI score0.00207EPSS

Exploits0References1

OSV•added 2024/09/24 3:15 a.m.•0 views

CVE-2024-8628

5.4CVSS5.9AI score

Exploits0References2

Vulnrichment•added 2024/09/24 3:6 a.m.•13 views

CVE-2024-8628 Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin <= 1.2.70.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

5.4CVSS5.8AI score0.00311EPSS

Exploits0References2

CVE•added 2024/09/24 3:6 a.m.•38 views

CVE-2024-8628

CVE-2024-8628 — MailOptin WordPress Plugin (MailOptin) Stored XSS Affects: MailOptin plugin for WordPress (Popup, Optin Form & Email Newsletters) up to version 1.2.70.3.Root cause: Insufficient input sanitization and output escaping in the plugin’s post-meta shortcode, enabling stored cross-site ...

5.4CVSS5.3AI score0.00311EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/09/24 12:0 a.m.•8 views

WordPress MailOptin Plugin <= 1.2.70.3 is vulnerable to Cross Site Scripting (XSS)

Software MailOptin Type Plugin Vulnerable versions = 1.2.70.3 Fixed in 1.2.70.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8628 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 285843b069cc Credits Francesco Carlucci...

5.4CVSS5.8AI score0.00311EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2024/09/23 12:0 a.m.•5 views

PT-2024-39142 · WordPress · Mailoptin

Name of the Vulnerable Software and Affected Versions: MailOptin plugin for WordPress versions up to, and including, 1.2.70.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'post-meta' shortcode due to insufficient input sanitization and output escaping on...

5.4CVSS6.1AI score0.00311EPSS

Exploits0References7

NVD•added 2023/04/06 8:15 a.m.•9 views

CVE-2023-23980

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in MailOptin Popup Builder Team MailOptin plugin = 1.2.54.0 versions...

5.9CVSS5.4AI score0.00207EPSS

Exploits0References1

CVE•added 2023/04/06 7:39 a.m.•25 views

CVE-2023-23980

MailOptin Popup Builder WordPress plugin

5.9CVSS4.9AI score0.00207EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2023/01/20 12:0 a.m.•17 views

MailOptin 1.2.54.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00207EPSS

Exploits0Affected Software1

OSV•added 2022/09/23 7:15 p.m.•0 views

CVE-2022-36340

Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin = 1.2.49.0 at WordPress...

5.3CVSS5.8AI score0.0017EPSS

Exploits0References2

NVD•added 2022/09/23 7:15 p.m.•12 views

CVE-2022-36340

Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin = 1.2.49.0 at WordPress...

6.5CVSS0.0017EPSS

Exploits0References2

Vulnrichment•added 2022/09/23 6:31 p.m.•5 views

CVE-2022-36340 WordPress MailOptin plugin <= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion vulnerability

Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin = 1.2.49.0 at WordPress...

6.5CVSS6.4AI score0.0017EPSS

Exploits0References2

Positive Technologies•added 2022/09/23 12:0 a.m.•2 views

PT-2022-23317 · WordPress · Mailoptin

Name of the Vulnerable Software and Affected Versions: MailOptin plugin versions 1.2.49.0 and earlier Description: The issue concerns an Unauthenticated Optin Campaign Cache Deletion vulnerability. This vulnerability affects the MailOptin plugin at WordPress, allowing for unauthenticated cache...

6.5CVSS5.2AI score0.0017EPSS

Exploits0References5

Patchstack•added 2022/09/23 12:0 a.m.•29 views

WordPress MailOptin plugin <= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion vulnerability

An unauthenticated Optin Campaign Cache Deletion vulnerability was discovered by Muhammad Daffa Patchstack Alliance in the WordPress MailOptin plugin versions = 1.2.49.0. Solution Update the WordPress MailOptin plugin to the latest available version at least 1.2.50.0...

6.5CVSS3.9AI score0.0017EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by