Lucene search
K

134 matches found

CVE
CVE
added 2025/10/22 6:0 a.m.18 views

CVE-2025-10638

CVE-2025-10638 affects the NS Maintenance Mode for WP WordPress plugin (versions up to 1.3.1). The vulnerability enables unauthenticated attackers to access the subscriber export function and download a list of site subscribers, including their names and email addresses. The linked documents conf...

5.3CVSS6.5AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.7 views

WordPress plugin NS Maintenance Mode for WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

5.3CVSS6.6AI score0.00224EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50174

Malicious code in bioql PyPI...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References3
HackRead
HackRead
added 2025/07/31 2:3 p.m.7 views

Researchers Link New SS7 Encoding Attack to Surveillance Vendor Activity

Researchers identify a new SS7 encoding attack used by a surveillance vendor to bypass security and access mobile subscriber data without detection...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 12:7 a.m.20 views

CVE-2022-47410

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...

9.1CVSS6.8AI score0.00674EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/25 11:30 a.m.27 views

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)

We hear terms like "state-sponsored attacks" and "critical vulnerabilities" all the time, but what's really going on behind those words? This week's cybersecurity news isn't just about hackers and headlines—it's about how digital risks shape our lives in ways we might not even realize. For...

10CVSS10AI score0.99698EPSS
Exploits39
GithubExploit
GithubExploit
added 2024/10/09 7:24 p.m.151 views

Exploit for CVE-2024-2876

CVE-2024-2876 - SQL Injection Vulnerability in Email Subscribe...

9.8CVSS10AI score0.80596EPSS
Exploits4
OSV
OSV
added 2024/08/29 1:15 p.m.6 views

CVE-2024-2541

The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the Subscribers Import feature. This makes it possible for unauthenticated attackers to extract sensitive data after an administrator has imported subscribers via...

7.5CVSS5.8AI score0.00564EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/12 1:16 p.m.6 views

WordPress Leopard plugin <= 2.0.36 - Subscriber+ Sensitive Data Exposure vulnerability

Subscriber+ Sensitive Data Exposure vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Leopard - WordPress offload media versions = 2.0.36...

6.5CVSS7AI score0.00418EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/02/28 9:15 a.m.2 views

CVE-2023-6922

The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acxcsmasubscribeajax' function. This can allow authenticated attackers to extract sensitive data such as names and email...

6.5CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2023/08/17 9:15 p.m.20 views

CVE-2023-39974

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list...

5.3CVSS5.2AI score0.00424EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/23 12:0 a.m.6 views

Nokia OneNDS 权限许可和访问控制问题漏洞

Nokia OneNDS is a web directory server from Nokia, Finland. It is a core element of the Subscriber Data Management SDM solution. A vulnerability in Nokia OneNDS 17r2 exists in the form of a privilege permission and access control issue vulnerability that stems from incorrect privilege management...

7.8CVSS7.4AI score0.00329EPSS
Exploits2References5
CNNVD
CNNVD
added 2023/04/21 12:0 a.m.4 views

Nokia OneNDS 权限许可和访问控制问题漏洞

Nokia OneNDS is a web directory server from Nokia, Finland. It is a core element of the Subscriber Data Management SDM solution. A privilege permission and access control issue vulnerability exists in Nokia OneNDS version 20.9, which stems from an error in the security configuration and can be...

8.8CVSS7.9AI score0.01137EPSS
Exploits3References4
OSV
OSV
added 2022/12/14 9:30 p.m.4 views

GHSA-VXMC-QG5X-PVFX "Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...

7.5CVSS9.2AI score0.00674EPSS
Exploits0References3
OSV
OSV
added 2022/12/14 9:30 p.m.12 views

GHSA-R44W-PFX8-28JV "Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...

7.5CVSS9.2AI score0.00674EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/12/14 9:30 p.m.17 views

"Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...

9.1CVSS6.7AI score0.00674EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/12/14 9:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...

5CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.5 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpnewsletter, which stems from the fact that its subscriber's data can be obtained via an unsubscribeAction operation...

9.1CVSS7.3AI score0.00674EPSS
Exploits0References2
CVE
CVE
added 2022/12/14 12:0 a.m.54 views

CVE-2022-47411

The CVE-2022-47411 flaw affects the TYPO3 fp_newsletter extension and allows exposure of subscriber data via unsubscribeAction. Affected versions include 1.0–1.1.0, 1.2.0, 2.0–2.1.1, 2.2.1–2.4.0, and 3.0–3.2.5. Remediation paths per PT-Security: upgrade to 1.1.1 (or later) for 1.x; to 2.1.2 (or l...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/14 12:0 a.m.59 views

CVE-2022-47410

The CVE-2022-47410 entry affects the TYPO3 fp_newsletter (Newsletter subscriber management) extension. The reported issue is that data about subscribers may be obtained via createAction operations, with vulnerable versions including before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1–2.4.0, and 3.x befo...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder