106 matches found
WordPress Groundhogg — CRM, Newsletters, and Marketing Automation plugin <= 4.5.8 - Authenticated (Custom+) SQL Injection vulnerability
Authenticated Custom+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Groundhogg versions = 4.5.8...
CVE-2025-62873
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-67599
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
EUVD-2025-202011
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-67599
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
CVE-2025-62873
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-62873
CVE-2025-62873 is a Cross‑Site Request Forgery (CSRF) vulnerability in the WordPress plugin WP Flashy Marketing Automation (wp-flashy-marketing-automation) affecting versions from n/a through 2.0.8. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N with a base score of 4.3 (Med...
CVE-2025-62873 WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-62873 WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-67599 WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
CVE-2025-67599 WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through = 2.1.1...
CVE-2025-67599
CVE-2025-67599 affects the WordPress plug‑in WebToffee eCommerce Marketing Automation (decorator-woocommerce-email-customizer) up to version 2.1.1. The root cause is a Missing Authorization due to incorrectly configured access control security levels, enabling potential unauthorized access. The i...
WordPress plugin WebToffee eCommerce Marketing Automation 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress plugin WP Flashy Marketing Automation 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site request...
PT-2025-50018
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
PT-2025-49973
Name of the Vulnerable Software and Affected Versions WebToffee eCommerce Marketing Automation versions through 2.1.1 Description A missing authorization issue exists in the WebToffee eCommerce Marketing Automation plugin's decorator-woocommerce-email-customizer component. This allows exploitatio...
WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin WP Flashy Marketing Automation versions = 2.0.8...
HCL Unica 安全漏洞
HCL Unica is an enterprise-level marketing automation and campaign management platform from HCL India. A security vulnerability exists in HCL Unica version 12.0.0 that stems from vulnerability to file upload attacks...
WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WebToffee eCommerce Marketing Automation versions = 2.1.1...
EUVD-2023-55590
Malicious code in bioql PyPI...