29 matches found
CVE-2025-66525
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through = 1.2.20...
EUVD-2025-202147
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through = 1.2.20...
CVE-2025-66525
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through = 1.2.20...
CVE-2025-66525
CVE-2025-66525 concerns a Missing Authorization vulnerability in the WordPress Elastic Email Sender plugin (versions up to 1.2.20). The underlying issue is incorrectly configured access control, resulting in a broken access control vulnerability that affects the plugin’s elastic-email-sender comp...
CVE-2025-66525 WordPress Elastic Email Sender plugin <= 1.2.20 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through = 1.2.20...
CVE-2025-66525 WordPress Elastic Email Sender plugin <= 1.2.20 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through = 1.2.20...
WordPress plugin Elastic Email Sender 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...
PT-2025-49873
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through = 1.2.20...
WordPress Elastic Email Sender plugin <= 1.2.20 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Elastic Email Sender versions = 1.2.20...
EUVD-2025-17176
Malicious code in bioql PyPI...
EUVD-2023-42204
Malicious code in bioql PyPI...
CVE-2025-28985
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through = 1.2.2...
CVE-2025-28985
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through = 1.2.2...
CVE-2025-28985
CVE-2025-28985 describes a Missing Authorization vulnerability in the Elastic Email Subscribe Form WordPress plugin, affecting versions from n/a through 1.2.2. Connected sources indicate the patch status as Unpatched; no public fix version is provided in the documents.
CVE-2025-28985 WordPress Elastic Email Subscribe Form plugin <= 1.2.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through = 1.2.2...
CVE-2025-28985 WordPress Elastic Email Subscribe Form <= 1.2.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elastic Email Subscribe Form: from n/a through 1.2.2...
PT-2025-24132 · Unknown · Email Subscribe Form
Name of the Vulnerable Software and Affected Versions: Elastic Email Subscribe Form versions 1.2.2 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Elastic Email Subscribe Form, which allows exploitation due to incorrectly configured access control...
WordPress Elastic Email Subscribe Form plugin <= 1.2.2 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Elastic Email Subscribe Form versions = 1.2.2...
CVE-2023-38387
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Elastic Email Sender plugin = 1.2.6 versions...
Elastic Email Sender < 1.2.7 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...