9 matches found
EUVD-2018-1412
Malware in sbrugna...
EUVD-2025-21667
Malicious code in bioql PyPI...
CVE-2025-54034
CVE-2025-54034 corresponds to a Local File Inclusion in WordPress Newsletters (Tribulant Software Newsletters) up to version 4.10. The issue arises from improper control of the filename used in include/require, enabling local file inclusion. CVSS v3.1 base score 7.5 (HIGH) with attack vector NETW...
PT-2025-20834 · WordPress · Newsletters
Name of the Vulnerable Software and Affected Versions: Newsletters plugin for WordPress versions up to and including 4.9.9.8 Description: The issue allows authenticated attackers with Contributor-level access or higher to inject additional SQL queries into existing ones, potentially extracting...
CVE-2019-20361
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter a blind SQL injection vulnerability...
CVE-2024-32953
Insertion of Sensitive Information into Log File vulnerability in Newsletters.This issue affects Newsletters: from n/a through 4.9.5...
CVE-2024-31352
Missing Authorization vulnerability in Email Subscribers & Newsletters.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.13...
WordPress plugin Newsletters 日志信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information disclosur...
osCommerce 2.2 - '/admin/newsletters.php?page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...