Lucene search
+L

24 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-17247

Malicious code in bioql PyPI...

4.7CVSS5.2AI score0.00263EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-36654

Malicious code in bioql PyPI...

9.9CVSS6.5AI score0.00492EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-36653

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.0045EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-36694

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00394EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-40617

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00421EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/06/08 1:19 p.m.6 views

CVE-2025-49325

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Phishing.This issue affects Newspack Newsletters: from n/a through = 3.13.0...

4.7CVSS5.9AI score0.00263EPSS
Exploits0References1
cve
cve
added 2025/06/06 12:53 p.m.44 views

CVE-2025-49325

CVE-2025-49325 – Open Redirect in Newspack Newsletters (Automattic) allows phishing via URL redirection. Affected: Newspack Newsletters

4.7CVSS5.9AI score0.00263EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/06/06 12:0 a.m.8 views

PT-2025-24249 · Automattic · Newspack Newsletters

Name of the Vulnerable Software and Affected Versions: Automattic Newspack Newsletters versions prior to 3.13.0 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which allows phishing attacks. Recommendations: For versions...

4.7CVSS4.6AI score0.00263EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 7:43 a.m.9 views

CVE-2024-37476

Cross Site Scripting XSS vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1...

6.5CVSS5.8AI score0.00277EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 7:43 a.m.10 views

CVE-2024-37474

Cross Site Scripting XSS vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:42 a.m.5 views

CVE-2024-37242

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...

4.3CVSS5.9AI score0.0018EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 12:47 a.m.8 views

CVE-2024-37115

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8...

7.5CVSS6.8AI score0.00551EPSS
Exploits0References1
nvd
nvd
added 2025/01/02 12:15 p.m.7 views

CVE-2024-37242

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...

4.3CVSS0.0018EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/02 12:0 p.m.19 views

CVE-2024-37242 WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Automattic Newspack Newsletters newspack-newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through = 2.13.2...

4.3CVSS0.0018EPSS
Exploits0References1
cve
cve
added 2025/01/02 12:0 p.m.43 views

CVE-2024-37242

CVE-2024-37242 is a Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters, affecting version range n/a through 2.13.2. The connected records confirm the issue as a CSRF flaw in the WordPress plugin and reference public disclosures; no exploitation details or official ...

4.3CVSS5.9AI score0.0018EPSS
Exploits0References1
nvd
nvd
added 2024/11/01 3:15 p.m.11 views

CVE-2024-37475

Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...

5.3CVSS0.00409EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/01 2:18 p.m.20 views

CVE-2024-37475 WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2...

5.3CVSS0.00409EPSS
Exploits0References1
osv
osv
added 2024/11/01 2:17 p.m.2 views

CVE-2024-43968 WordPress Newspack plugin < 3.8.7 - Broken Access Control vulnerability

Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6...

4.3CVSS5.9AI score0.00421EPSS
Exploits0References4
nvd
nvd
added 2024/07/10 6:15 p.m.24 views

CVE-2024-37115

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8...

7.5CVSS0.00551EPSS
Exploits0References1
cve
cve
added 2024/07/10 5:55 p.m.47 views

CVE-2024-37115

CVE-2024-37115 affects WordPress plugin Newspack Blocks (versions up to 3.0.8). The vulnerability exposes sensitive information to an unauthenticated actor (Unauthenticated Sensitive Information Exposure). CVSSv3.1 base score 7.5 (HIGH); attack vector NETWORK, no authentication required, confiden...

7.5CVSS7.6AI score0.00551EPSS
Exploits0References1
Rows per page
Query Builder