Lucene search
+L

179 matches found

Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.9 views

PT-2024-36241 · WordPress · Wp Mailster

Name of the Vulnerable Software and Affected Versions: WP Mailster versions 1.8.17.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF problem, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user into...

8.8CVSS7.2AI score0.00274EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.3 views

WordPress plugin WP Mailster 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site reques...

8.8CVSS8.5AI score0.00274EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/11 10:19 p.m.4 views

WordPress WP Mailster plugin <= 1.8.17.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WP Mailster versions = 1.8.17.0...

8.8CVSS7AI score0.00274EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/07 11:25 a.m.4 views

WordPress WP Mailster plugin <= 1.8.16.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Mika in WordPress Plugin WP Mailster versions = 1.8.16.0...

6.5CVSS7AI score0.00388EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/06 2:15 p.m.4 views

CVE-2024-53807

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0...

9.8CVSS7.3AI score0.00459EPSS
Exploits0References1
NVD
NVD
added 2024/12/06 2:15 p.m.20 views

CVE-2024-53807

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through = 1.8.16.0...

9.8CVSS0.00459EPSS
Exploits0References1
OSV
OSV
added 2024/12/06 2:15 p.m.5 views

CVE-2024-53803

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0...

8.8CVSS7.3AI score0.00499EPSS
Exploits0References1
NVD
NVD
added 2024/12/06 2:15 p.m.18 views

CVE-2024-53805

Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through = 1.8.16.0...

9.8CVSS0.00565EPSS
Exploits0References1
OSV
OSV
added 2024/12/06 2:15 p.m.4 views

CVE-2024-53805

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0...

9.8CVSS5.8AI score0.00565EPSS
Exploits0References1
OSV
OSV
added 2024/12/06 2:15 p.m.4 views

CVE-2024-53804

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0...

7.5CVSS7.3AI score0.00577EPSS
Exploits0References1
NVD
NVD
added 2024/12/06 2:15 p.m.24 views

CVE-2024-53803

Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through = 1.8.16.0...

8.8CVSS0.00499EPSS
Exploits0References1
NVD
NVD
added 2024/12/06 2:15 p.m.21 views

CVE-2024-53804

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through = 1.8.16.0...

7.5CVSS0.00577EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/06 1:7 p.m.13 views

CVE-2024-53803 WordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0...

6.5CVSS6.9AI score0.00499EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:7 p.m.39 views

CVE-2024-53803 WordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through = 1.8.16.0...

6.5CVSS0.00499EPSS
Exploits0References1
CVE
CVE
added 2024/12/06 1:7 p.m.57 views

CVE-2024-53803

CVE-2024-53803 is a Missing Authorization / Broken Access Control vulnerability affecting the WordPress WP Mailster plugin up to version 1.8.16.0. Public sources describe an unauthorized access issue in WP Mailster’s access control, enabling exploitation without user interaction and with network ...

8.8CVSS7.2AI score0.00499EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/06 1:6 p.m.53 views

CVE-2024-53807

WP Mailster (Brandtoss) CVE-2024-53807 is a SQL Injection vulnerability affecting WP Mailster versions up to 1.8.16.0. Public docs indicate an authenticated (Contributor+) SQL injection via the orderby parameter, described as Blind SQL Injection with high impact. Patch status in the CVE details i...

9.8CVSS7.3AI score0.00459EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/06 1:6 p.m.10 views

CVE-2024-53807 WordPress WP Mailster plugin <= 1.8.16.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through = 1.8.16.0...

8.5CVSS7.3AI score0.00459EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:6 p.m.23 views

CVE-2024-53807 WordPress WP Mailster plugin <= 1.8.16.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through = 1.8.16.0...

8.5CVSS0.00459EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/06 1:5 p.m.12 views

CVE-2024-53804 WordPress WP Mailster plugin <= 1.8.16.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through = 1.8.16.0...

7.5CVSS8.6AI score0.00577EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:5 p.m.29 views

CVE-2024-53804 WordPress WP Mailster plugin <= 1.8.16.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through = 1.8.16.0...

7.5CVSS0.00577EPSS
Exploits0References1
Rows per page
Query Builder