22 matches found
EUVD-2024-37055
Malicious code in bioql PyPI...
EUVD-2024-36692
Malicious code in bioql PyPI...
CVE-2025-49325
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...
CVE-2025-49325
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...
CVE-2025-49325
CVE-2025-49325 – Open Redirect in Newspack Newsletters (Automattic) allows phishing via URL redirection. Affected: Newspack Newsletters
CVE-2025-49325 WordPress Newspack Newsletters plugin <= 3.13.0 - Open Redirection Vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...
PT-2025-24249 · Automattic · Newspack Newsletters
Name of the Vulnerable Software and Affected Versions: Automattic Newspack Newsletters versions prior to 3.13.0 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which allows phishing attacks. Recommendations: For versions...
WordPress plugin Newspack Newsletters 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...
WordPress Newspack Newsletters plugin <= 3.13.0 - Open Redirection Vulnerability
Open Redirection Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Newspack Newsletters versions = 3.13.0...
CVE-2024-37242
Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...
CVE-2024-37242 WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through 2.13.2...
CVE-2024-37242
CVE-2024-37242 is a Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters, affecting version range n/a through 2.13.2. The connected records confirm the issue as a CSRF flaw in the WordPress plugin and reference public disclosures; no exploitation details or official ...
WordPress plugin Newspack Newsletters 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...
PT-2025-2470 · Unknown · Newspack Newsletters
Name of the Vulnerable Software and Affected Versions: Newspack Newsletters versions through 2.13.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user in...
CVE-2024-37475 WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...
CVE-2024-37475
CVE-2024-37475 is a Missing Authorization vulnerability in the WordPress plugin Newspack Newsletters (versions
WordPress plugin Newspack Newsletters 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-27584 · Unknown · Newspack Newsletters
Name of the Vulnerable Software and Affected Versions: Newspack Newsletters versions n/a through 2.13.2 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions n/a through...
WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Newsletters versions = 2.13.2...
WordPress Newspack Newsletters Plugin <= 2.13.2 is vulnerable to Broken Access Control
Software Newspack Newsletters Type Plugin Vulnerable versions = 2.13.2 Fixed in 2.13.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37475 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID eaec81ca6f12 Credits Rafie Muhammad...