Exposure of Private Personal Information to an Unauthorized Actor
Overview: Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor via the Email field in the Comment model exposed through unauthenticated public API endpoints. An attacker can obtain the email addresses of all guest commenters by makin...
EUVD-2022-48257
Malicious code in bioql PyPI...
CVE-2022-45360
Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter Emails. This issue affects Commenter Emails: from n/a through 2.6.1...
Input validation
Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter Emails. This issue affects Commenter Emails: from n/a through 2.6.1...
CVE-2022-45360 WordPress Commenter Emails Plugin <= 2.6.1 is vulnerable to CSV Injection
Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter Emails. This issue affects Commenter Emails: from n/a through 2.6.1...
CVE-2022-45360
CVE-2022-45360 affects the WordPress Plugin Commenter Emails (Commenter Emails) versions
CVE-2022-45360 WordPress Commenter Emails plugin <= 2.6.1 - CSV Injection
A vulnerability in Scott Reilly Commenter Emails commenter-emails. This issue affects Commenter Emails: from n/a through <= 2.6.1...
PT-2023-14649 · Unknown · Commenter Emails
Name of the Vulnerable Software and Affected Versions: Commenter Emails versions from n/a through 2.6.1
Description: The issue is related to the improper neutralization of formula elements in a CSV file, affecting Commenter Emails.
Recommendations: For versions from n/a through 2.6.1, update to a...
WordPress Plugin commenter-emails security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Commenter Emails Plugin <= 2.6.1 is vulnerable to CSV Injection
Software: Commenter Emails; Type: Plugin; Vulnerable versions: <= 2.6.1; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: CSV Injection; CVE: CVE-2022-45360; Patch priority: Low; CVSS severity: Low 4.7; PSID: 7afa84e72c95; Credits: Mika; Required privilege: Unauthenticated; Published ...
appleple a-blog cms unauthorized operation vulnerability
appleple a-blog cms is a content management system (CMS) from appleple Japan. A security vulnerability exists in the session management of the comment feature in appleple a-blog cms 2.6.0.1 and earlier versions. A remote attacker can exploit this vulnerability to delete arbitrary comments or obtain...