WordPress BlossomThemes Social Feed plugin <= 2.0.5 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin BlossomThemes Social Feed versions = 2.0.5...

EUVD-2023-51944

Malicious code in bioql PyPI...

CVE-2023-47849

Missing Authorization vulnerability in Blossom Themes BlossomThemes Email Newsletter blossomthemes-email-newsletter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BlossomThemes Email Newsletter: from n/a through = 2.2.4...

CVE-2023-47849

Missing Authorization vulnerability in Blossom Themes BlossomThemes Email Newsletter blossomthemes-email-newsletter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BlossomThemes Email Newsletter: from n/a through = 2.2.4...

CVE-2023-47849 WordPress BlossomThemes Email Newsletter plugin <= 2.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Blossom Themes BlossomThemes Email Newsletter blossomthemes-email-newsletter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BlossomThemes Email Newsletter: from n/a through = 2.2.4...

CVE-2024-37098

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

CVE-2024-37098 WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

CVE-2024-37098

CVE-2024-37098: BlossomThemes Email Newsletter plugin contains an authenticated SSRF vulnerability affecting BlossomThemes Email Newsletter versions up to 2.2.6. Patch available to 2.2.7 (wording from PatchStack reference). Impact and exploit details are not elaborated in the provided documents b...

CVE-2024-37098 WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6...

WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin BlossomThemes Email Newsletter versions = 2.2.6...

WordPress BlossomThemes Email Newsletter Plugin <= 2.2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software BlossomThemes Email Newsletter Type Plugin Vulnerable versions = 2.2.6 Fixed in 2.2.7 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-37098 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 21a43a2470ce...

WordPress BlossomThemes Email Newsletter Plugin <= 2.2.4 is vulnerable to Broken Access Control

Software BlossomThemes Email Newsletter Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47849 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 051053384c38 Credits Abdi...