16 matches found
EUVD-2024-43484
Malicious code in bioql PyPI...
CVE-2023-4772
The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'newsletterform' shortcode in versions up to, and including, 7.8.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers wi...
CVE-2024-49621
Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari APA Register Newsletter Form apa-register-newsletter-form allows SQL Injection. This issue affects APA Register Newsletter Form: from n/a through <= 1.0.0...
CVE-2024-49621
Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari APA Register Newsletter Form apa-register-newsletter-form allows SQL Injection. This issue affects APA Register Newsletter Form: from n/a through <= 1.0.0...
CVE-2024-49621
Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection. This issue affects APA Register Newsletter Form: from n/a through 1.0.0...
CVE-2024-49621 WordPress APA Register Newsletter Form plugin <= 1.0.0 - CSRF to SQL Injection vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection. This issue affects APA Register Newsletter Form: from n/a through 1.0.0...
CVE-2024-49621
CVE-2024-49621 : Apache Register Newsletter Form plugin for WordPress (
CVE-2024-49621 WordPress APA Register Newsletter Form plugin <= 1.0.0 - CSRF to SQL Injection vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari APA Register Newsletter Form apa-register-newsletter-form allows SQL Injection. This issue affects APA Register Newsletter Form: from n/a through <= 1.0.0...
PT-2024-33576 · Unknown · Apa Register Newsletter Form
Name of the Vulnerable Software and Affected Versions: APA Register Newsletter Form versions n/a through 1.0.0. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows SQL Injection in the APA Register Newsletter Form. This means an attacker can trick a user into...
WordPress plugin APA Register Newsletter Form cross-site request forgery vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
WordPress APA Register Newsletter Form plugin <= 1.0.0 - CSRF to SQL Injection vulnerability
CSRF to SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance) in WordPress Plugin APA Register Newsletter Form (versions <= 1.0.0)...
WordPress APA Register Newsletter Form Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: APA Register Newsletter Form; Type: Plugin; Vulnerable versions: <= 1.0.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-49621; Patch priority: Low; CVSS severity: Low 8.2; PSID: 167103aaee5c; Credits: João Pedro S Alcânta...
CVE-2023-4772
The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'newsletterform' shortcode in versions up to, and including, 7.8.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers wi...
PT-2023-30582 · WordPress · The Newsletter Plugin
Name of the Vulnerable Software and Affected Versions: The Newsletter plugin for WordPress versions up to, and including, 7.8.9. Description: The issue is related to Stored Cross-Site Scripting via the 'newsletter form' shortcode due to insufficient input sanitization and output escaping on...
Shopify: Reflective Cross-site Scripting via Newsletter Form
.myshopify.com is vulnerable to a reflective cross-site scripting attack in the newsletter form. This can be crafted to trigger on a page load without any further user interaction. The following example url shows this vulnerability:...
CVE-2007-1179
WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) the Recommend feature, Email Article (2) senders and (3) recipients, (4) New User Approval, (5) Edit Profiles, (6) the Newsletter Subscription form, (7) the Recommend form, and (8) sending of articles, which has...