CVE-2025-68529

Cross-Site Request Forgery CSRF vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through = 3.12.5...

EUVD-2025-205193

Cross-Site Request Forgery CSRF vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through = 3.12.5...

CVE-2025-68529

Technical details for CVE-2025-68529 are not provided in the supplied connected documents. Current information confirms CSRF vulnerability in WP Email Capture

PT-2025-53094

Name of the Vulnerable Software and Affected Versions WP Email Capture versions through 3.12.5 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendations...

CVE-2025-67578 WordPress WP Email Capture plugin <= 3.12.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Email Capture: from n/a through = 3.12.4...

EUVD-2023-27809

Malicious code in bioql PyPI...

EUVD-2023-32117

Malicious code in bioql PyPI...

EUVD-2023-27810

Malicious code in bioql PyPI...

CVE-2023-23724

Cross-Site Request Forgery CSRF vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10...

CVE-2023-28421

CVE-2023-28421 affects the WordPress plugin WordPress Email Marketing Plugin – WP Email Capture (versions up to 3.10). The issue is an information disclosure vulnerability that could allow an unauthenticated actor to access sensitive data. Remediation: update to version 3.11 or later. The CVE has...

CVE-2023-23724

Cross-Site Request Forgery CSRF vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...

CVE-2023-23724 WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.9.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...

PT-2023-19163 · Winwar Media · Wp Email Capture

Name of the Vulnerable Software and Affected Versions: Winwar Media WP Email Capture plugin versions = 3.9.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a...

CVE-2023-23723

CVE-2023-23723 describes a stored XSS vulnerability in the WordPress plugin “WP Email Capture” by Winwar Media, affecting versions up to 3.9.3. The underlying issue is insufficient sanitization/escaping of certain settings, enabling an attacker with administrator privileges to trigger stored cros...

WP Email Capture < 3.10 - Email Captures Update via CSRF

The plugin does not have CSRF checks when updating its Email Captures, which could allow attackers to make logged in admins perform such action via a CSRF attack...