Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-9570

Malware in sbrugna...

6.5CVSS6AI score0.00388EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/05/23 8:15 a.m.2 views

CVE-2024-9440

Slim Select 2.0 versions through 2.9.0 are affected by a potential cross-site scripting vulnerability. In select.ts:createOption, the text variable from the user-provided Options object is assigned to an innerHTML without sanitation. Software that depends on this library to dynamically generate...

6.1CVSS6.2AI score0.00256EPSS
Exploits1References1
OSV
OSVadded 2019/12/26 3:15 a.m.1 views

CVE-2019-19982

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?esskip=1&optionname= request...

5.3CVSS5.8AI score0.00388EPSS
Exploits1References2
NVD
NVDadded 2019/12/26 3:15 a.m.8 views

CVE-2019-19982

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?esskip=1&optionname= request...

6.5CVSS5.5AI score0.00388EPSS
Exploits1References2
Prion
Prionadded 2019/12/26 3:15 a.m.9 views

Design/Logic Flaw

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?esskip=1&optionname= request...

5CVSS5.3AI score0.00388EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2019/12/26 2:25 a.m.84 views

CVE-2019-19982

The CVE-2019-19982 entry concerns the WordPress plugin Email Subscribers & Newsletters prior to version 4.2.3 . The vulnerability allows unauthenticated option creation when an attacker sends a request to /wp-admin/admin-post.php?es_skip=1&option_name= , enabling modification of plugin options wi...

6.5CVSS5.5AI score0.00388EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2019/12/26 2:25 a.m.9 views

CVE-2019-19982

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?esskip=1&optionname= request...

6.5CVSS5.5AI score0.00388EPSS
Exploits1References2
CNVD
CNVDadded 2019/12/26 12:0 a.m.1 views

WordPress Email Subscribers & Newsletters Unauthenticated Options Creation Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Email Subscribers & Newsletters is an email subscription and newsletter plugin used in it. An unauthenticated option creation...

6.5CVSS6.7AI score0.00388EPSS
Exploits1References1
WPVulnDB
WPVulnDBadded 2019/11/13 12:0 a.m.33 views

Email Subscribers & Newsletters < 4.2.3 - Multiple Issues

- Unauthenticated File Download leading to Information Disclosure - Blind SQL Injection in INSERT statement - Insecure Permissions on Dashboard and Settings - CSRF on Settings - Send Test Emails from the Administrative Dashboard as an Authenticated User with a role of Subscriber and above -...

6.5CVSS2.3AI score0.79595EPSS
Exploits8References2Affected Software1
Rows per page
Query Builder