27 matches found
EUVD-2024-46072
Malicious code in bioql PyPI...
EUVD-2025-31690
Malicious code in bioql PyPI...
CVE-2025-9762
The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the saveattachments function in all versions up to, and including, 1.0.4b. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
CVE-2025-9762
The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the saveattachments function in all versions up to, and including, 1.0.4b. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
CVE-2025-9762 Post By Email <= 1.0.4b - Unauthenticated Arbitrary File Upload via Email Attachments
The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the saveattachments function in all versions up to, and including, 1.0.4b. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
CVE-2025-9762
CVE-2025-9762 affects the WordPress plugin Post By Email (versions ≤ 1.0.4b). The vulnerability arises from missing file type validation in save_attachments, allowing unauthenticated arbitrary file uploads to the server, with potential for remote code execution. Wordfence’s vulnerability report q...
CVE-2025-9762 Post By Email <= 1.0.4b - Unauthenticated Arbitrary File Upload via Email Attachments
The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the saveattachments function in all versions up to, and including, 1.0.4b. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
WordPress Post By Email plugin <= 1.0.4b - Unauthenticated Arbitrary File Upload via Email Attachments vulnerability
Unauthenticated Arbitrary File Upload via Email Attachments vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Post By Email versions = 1.0.4b...
WordPress plugin Post By Email Operating System Command Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...
PT-2025-39947
Name of the Vulnerable Software and Affected Versions Post By Email versions through 1.0.4b Description The Post By Email plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation within the save attachments function. This allows unauthenticated...
Linux Distros Unpatched Vulnerability : CVE-2022-43504
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who...
CVE-2024-52463
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter Westwood Post By Email post-by-email allows Reflected XSS.This issue affects Post By Email: from n/a through = 1.0.4b...
CVE-2024-52463
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter Westwood Post By Email post-by-email allows Reflected XSS.This issue affects Post By Email: from n/a through = 1.0.4b...
CVE-2024-52463 WordPress Post By Email plugin <= 1.0.4b - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter Westwood Post By Email post-by-email allows Reflected XSS.This issue affects Post By Email: from n/a through = 1.0.4b...
CVE-2024-52463 WordPress Post By Email plugin <= 1.0.4b - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kat Hagan Post By Email allows Reflected XSS.This issue affects Post By Email: from n/a through 1.0.4b...
CVE-2024-52463
CVE-2024-52463 is a reflected XSS affecting the WordPress Post By Email plugin (versions
WordPress Post By Email plugin <= 1.0.4b - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Post By Email versions = 1.0.4b...
WordPress Post By Email Plugin <= 1.0.4b is vulnerable to Cross Site Scripting (XSS)
Software Post By Email Type Plugin Vulnerable versions = 1.0.4b Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52463 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d62ded22dc8c Credits Mika Required privilege...
BIT-WORDPRESS-2022-43504
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7...
BIT-WORDPRESS-MULTISITE-2022-43504
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7...