Lucene search
K

24 matches found

Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.6 views

MailPoet Newsletters 2.6.19 Cross Site Scripting

A cross site scripting vulnerability exists in MailPoet Newsletters WordPress Plugin version 2.6.19. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

4.3CVSS5.2AI score0.0107EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-13393

Malware in sbrugna...

5.3CVSS5.6AI score0.00948EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4645

Malware in sbrugna...

7.5CVSS6.4AI score0.01712EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 5:54 a.m.5 views

CVE-2018-20853

An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...

5.3CVSS7AI score0.00948EPSS
Exploits0References1
OSV
OSV
added 2019/11/06 8:15 p.m.6 views

CVE-2018-20853

An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...

5.3CVSS5.8AI score0.00948EPSS
Exploits0References1
NVD
NVD
added 2019/11/06 8:15 p.m.18 views

CVE-2018-20853

An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...

5.3CVSS5.3AI score0.00948EPSS
Exploits0References1
Prion
Prion
added 2019/11/06 8:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...

5CVSS5.3AI score0.00948EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/06 7:17 p.m.20 views

CVE-2018-20853

An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...

5.3AI score0.00948EPSS
Exploits0References1
CVE
CVE
added 2019/11/06 7:17 p.m.112 views

CVE-2018-20853

Technical details for CVE-2018-20853 are not publicly available in the provided documents. Monitor for updates from vendor and security advisories.

5.3CVSS5.3AI score0.00948EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2017/01/22 2:42 p.m.23 views

Zomato: MailPoet Newsletters <= 2.7.2 - Authenticated Reflected Cross-Site Scripting (XSS)

Hello Team Abstract:- A Cross-Site Scripting vulnerability was found in the MailPoet Newsletters plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. In order to exploit this...

1.8AI score
Exploits0
Packet Storm
Packet Storm
added 2016/09/10 12:0 a.m.32 views

WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting

------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...

7.4AI score
Exploits0
CNVD
CNVD
added 2016/05/14 12:0 a.m.2 views

WordPress MailPoet Newsletter Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.MailPoet Newsletters is a newsletter plugin for WordPress that supports the creation of newsletters and the automation of notifications and responses. A cross-sit...

6.2AI score
Exploits0References1
Packet Storm
Packet Storm
added 2016/02/03 12:0 a.m.18 views

MailPoet Newsletters 2.6.19 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: XSS Vulnerability in MailPoet Newsletters Affected Software : MailPoet Newsletters Affected Versions: v2.6.19 and possibly below Vendor Homepage : http://www.mailpoet.com/ Vulnerability Type : Cross-site Scripting Severity : Important...

7.4AI score
Exploits0
Dsquare
Dsquare
added 2014/09/01 12:0 a.m.52 views

WordPress MailPoet Newsletters File Upload

File upload vulnerability in WordPress MailPoet Newsletters wysija-newsletters Plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

7.5CVSS1.2AI score0.59682EPSS
Exploits2References1
NVD
NVD
added 2014/08/26 2:55 p.m.14 views

CVE-2014-3907

Cross-site request forgery CSRF vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users...

6.8CVSS7.3AI score0.0107EPSS
Exploits0References3
Prion
Prion
added 2014/08/26 2:55 p.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users...

6.8CVSS7.8AI score0.0107EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/08/26 2:0 p.m.47 views

CVE-2014-3907

CVE-2014-3907 concerns a cross-site request forgery (CSRF) vulnerability in the WordPress plugin MailPoet Newsletters (wysija-newsletters) up to version 2.6.10. The root cause is CSRF that enables an attacker to hijack the authentication of arbitrary users when they view a malicious page while lo...

6.8CVSS7.5AI score0.0107EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/08/26 4:33 a.m.6 views

MailPoet Newsletters vulnerable to cross-site request forgery

Overview MailPoet Newsletters is a plugin for WordPress. MailPoet Newsletters contains a cross-site request forgery vulnerability. Yoshinori Matsumoto reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a use...

6.8CVSS6.5AI score0.0107EPSS
Exploits0References5
NVD
NVD
added 2014/07/27 6:55 p.m.18 views

CVE-2014-4726

Unspecified vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.8 for WordPress has unspecified impact and attack vectors...

7.5CVSS6.7AI score0.01712EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/07/27 6:0 p.m.31 views

CVE-2014-4725

The MailPoet Newsletters wysija-newsletters plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/...

7.7AI score0.59682EPSS
Exploits2References6
Rows per page
Query Builder