Lucene search
+L

54 matches found

Patchstack
Patchstack
added 2026/01/30 3:37 a.m.8 views

WordPress SendPress Newsletters plugin <= 1.23.11.6 - Admin+ Stored XSS via Settings vulnerability

Admin+ Stored XSS via Settings vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin SendPress Newsletters versions = 1.23.11.6...

6.8CVSS5.9AI score0.0071EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2026/01/30 3:35 a.m.13 views

WordPress SendPress Newsletters plugin <= 1.23.11.6 - Admin+ Stored XSS via Form Settings vulnerability

Admin+ Stored XSS via Form Settings vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin SendPress Newsletters versions = 1.23.11.6...

6.1CVSS5.9AI score0.00405EPSS
Exploits2References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-46221

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00316EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-39077

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00347EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-46222

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:16 a.m.7 views

CVE-2023-47517

Unauth. Reflected Cross-Site Scripting XSS vulnerability in SendPress Newsletters plugin = 1.23.11.6 versions...

7.1CVSS6.9AI score0.00412EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:13 a.m.6 views

CVE-2023-41729

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

5.9CVSS6.5AI score0.00316EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:37 a.m.11 views

CVE-2023-41730

Cross-Site Request Forgery CSRF vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

8.8CVSS8.5AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:6 a.m.11 views

CVE-2023-35040

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...

9.8CVSS8.6AI score0.00347EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/06/14 12:15 a.m.9 views

CVE-2023-35040

Missing Authorization vulnerability in brewlabs SendPress Newsletters sendpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SendPress Newsletters: from n/a through = 1.26.1.20...

9.8CVSS5.8AI score0.00347EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/13 11:51 p.m.12 views

CVE-2023-35040 WordPress SendPress Newsletters plugin <= 1.26.1.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in brewlabs SendPress Newsletters sendpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SendPress Newsletters: from n/a through = 1.26.1.20...

5.3CVSS7.3AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 11:51 p.m.62 views

CVE-2023-35040

CVE-2023-35040 affects WordPress plugin SendPress Newsletters (versions up to and including 1.23.11.6). The issue is described as a Missing Authorization / Broken Access Control vulnerability in SendPress Newsletters, with unauthenticated access potentially allowed due to insufficient authorizati...

9.8CVSS8.6AI score0.00347EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/13 11:51 p.m.39 views

CVE-2023-35040 WordPress SendPress Newsletters plugin <= 1.23.11.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...

5.3CVSS0.00347EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 11:51 p.m.6 views

CVE-2023-35040 WordPress SendPress Newsletters plugin <= 1.23.11.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...

5.3CVSS7.2AI score0.00347EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.5 views

WordPress plugin SendPress Newsletters Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

9.8CVSS6.8AI score0.00347EPSS
Exploits0References2
NVD
NVD
added 2024/04/08 5:15 a.m.16 views

CVE-2024-1589

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

6.1CVSS5.4AI score0.00405EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/08 5:0 a.m.12 views

CVE-2024-1589 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Form Settings

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00405EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/08 5:0 a.m.22 views

CVE-2024-1588 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Settings

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.0071EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/08 5:0 a.m.31 views

CVE-2024-1589 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Form Settings

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5AI score0.00405EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/08 5:0 a.m.28 views

CVE-2024-1588 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Settings

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5AI score0.0071EPSS
Exploits2References1
Rows per page
Query Builder