18 matches found
EUVD-2025-13851
Malicious code in bioql PyPI...
EUVD-2025-17273
Malicious code in bioql PyPI...
EUVD-2025-30772
Malicious code in bioql PyPI...
EUVD-2025-13832
Malicious code in bioql PyPI...
EUVD-2025-10567
Malicious code in bioql PyPI...
CVE-2025-53454
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Stored XSS.This issue affects Ultimate WP Mail: from n/a through = 1.3.8...
CVE-2025-49288
Missing Authorization vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Authentication Bypass.This issue affects Ultimate WP Mail: from n/a through = 1.3.5...
CVE-2025-49288
Missing Authorization vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Authentication Bypass.This issue affects Ultimate WP Mail: from n/a through = 1.3.5...
CVE-2025-49288
CVE-2025-49288 – A Missing Authorization vulnerability in the WordPress plugin Ultimate WP Mail (ultimate-wp-mail) allows Authentication Bypass in versions
PT-2025-24223 · WordPress · Rustaurius Ultimate Wp Mail
Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate WP Mail versions 1.3.5 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Rustaurius...
CVE-2025-47466
Cross-Site Request Forgery CSRF vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...
CVE-2025-47490
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...
CVE-2025-47490
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...
CVE-2025-47466
Cross-Site Request Forgery CSRF vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...
CVE-2025-47490 WordPress Ultimate WP Mail plugin <= 1.3.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...
CVE-2025-47490
CVE-2025-47490 is a WordPress vulnerability in the Ultimate WP Mail plugin (versions up to 1.3.4) causing SQL Injection due to improper neutralization of input in SQL commands. Documented references show the issue affects Ultimate WP Mail
PT-2025-20097 · WordPress · Rustaurius Ultimate Wp Mail
Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate WP Mail versions 1.3.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For Rustaurius...
PT-2025-20116 · Unknown · Rustaurius Ultimate Wp Mail
Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate WP Mail versions 1.3.4 and below Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows unauthorized access and enables...