105 matches found
CVE-2025-62873
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-67599
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
EUVD-2025-202011
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-67599
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
CVE-2025-62873
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-62873 WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-62873
CVE-2025-62873 is a Cross‑Site Request Forgery (CSRF) vulnerability in the WordPress plugin WP Flashy Marketing Automation (wp-flashy-marketing-automation) affecting versions from n/a through 2.0.8. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N with a base score of 4.3 (Med...
CVE-2025-62873 WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-67599 WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
CVE-2025-67599
CVE-2025-67599 affects the WordPress plug‑in WebToffee eCommerce Marketing Automation (decorator-woocommerce-email-customizer) up to version 2.1.1. The root cause is a Missing Authorization due to incorrectly configured access control security levels, enabling potential unauthorized access. The i...
CVE-2025-67599 WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
WordPress plugin WebToffee eCommerce Marketing Automation 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress plugin WP Flashy Marketing Automation 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site request...
PT-2025-50018
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
PT-2025-49973
Name of the Vulnerable Software and Affected Versions WebToffee eCommerce Marketing Automation versions through 2.1.1 Description A missing authorization issue exists in the WebToffee eCommerce Marketing Automation plugin's decorator-woocommerce-email-customizer component. This allows exploitatio...
WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin WP Flashy Marketing Automation versions = 2.0.8...
HCL Unica 安全漏洞
HCL Unica is an enterprise-level marketing automation and campaign management platform from HCL India. A security vulnerability exists in HCL Unica version 12.0.0 that stems from vulnerability to file upload attacks...
WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WebToffee eCommerce Marketing Automation versions = 2.1.1...
EUVD-2024-44929
Malicious code in bioql PyPI...
EUVD-2025-4397
Malicious code in bioql PyPI...