Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-37055

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-36692

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00409EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.6 views

CVE-2025-49325

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...

4.7CVSS5.9AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.4 views

CVE-2025-49325

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...

4.7CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.41 views

CVE-2025-49325

CVE-2025-49325 – Open Redirect in Newspack Newsletters (Automattic) allows phishing via URL redirection. Affected: Newspack Newsletters

4.7CVSS5.9AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 12:53 p.m.17 views

CVE-2025-49325 WordPress Newspack Newsletters plugin <= 3.13.0 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...

4.7CVSS0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.6 views

PT-2025-24249 · Automattic · Newspack Newsletters

Name of the Vulnerable Software and Affected Versions: Automattic Newspack Newsletters versions prior to 3.13.0 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which allows phishing attacks. Recommendations: For versions...

4.7CVSS4.6AI score0.00263EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.2 views

WordPress plugin Newspack Newsletters 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

4.7CVSS5AI score0.00263EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/05 12:19 a.m.9 views

WordPress Newspack Newsletters plugin <= 3.13.0 - Open Redirection Vulnerability

Open Redirection Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Newspack Newsletters versions = 3.13.0...

4.7CVSS6.7AI score0.00263EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/01/02 12:15 p.m.7 views

CVE-2024-37242

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...

4.3CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 p.m.6 views

CVE-2024-37242 WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through 2.13.2...

4.3CVSS7.2AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/01/02 12:0 p.m.43 views

CVE-2024-37242

CVE-2024-37242 is a Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters, affecting version range n/a through 2.13.2. The connected records confirm the issue as a CSRF flaw in the WordPress plugin and reference public disclosures; no exploitation details or official ...

4.3CVSS5.9AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.2 views

WordPress plugin Newspack Newsletters 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

4.3CVSS6.5AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.4 views

PT-2025-2470 · Unknown · Newspack Newsletters

Name of the Vulnerable Software and Affected Versions: Newspack Newsletters versions through 2.13.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user in...

4.3CVSS7AI score0.0018EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/01 2:18 p.m.11 views

CVE-2024-37475 WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...

5.3CVSS6.9AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:18 p.m.44 views

CVE-2024-37475

CVE-2024-37475 is a Missing Authorization vulnerability in the WordPress plugin Newspack Newsletters (versions

5.3CVSS5.3AI score0.00409EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.6 views

WordPress plugin Newspack Newsletters 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.6AI score0.00409EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.5 views

PT-2024-27584 · Unknown · Newspack Newsletters

Name of the Vulnerable Software and Affected Versions: Newspack Newsletters versions n/a through 2.13.2 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions n/a through...

5.3CVSS7.1AI score0.00409EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/01 12:36 p.m.4 views

WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Newsletters versions = 2.13.2...

5.3CVSS7AI score0.00409EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.10 views

WordPress Newspack Newsletters Plugin <= 2.13.2 is vulnerable to Broken Access Control

Software Newspack Newsletters Type Plugin Vulnerable versions = 2.13.2 Fixed in 2.13.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37475 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID eaec81ca6f12 Credits Rafie Muhammad...

5.3CVSS6.3AI score0.00409EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder