EUVD-2023-51854

Malicious code in bioql PyPI...

CVE-2023-47756

Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...

CVE-2023-47756

Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...

CVE-2023-47756 WordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...

CVE-2023-47756 WordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...

PT-2024-13479 · Unknown · Welcome Email Editor

Name of the Vulnerable Software and Affected Versions: Welcome Email Editor versions through 5.0.6 Description: The issue is related to a Missing Authorization vulnerability in the Welcome Email Editor, which allows exploiting incorrectly configured access control security levels. Recommendations...

WordPress Welcome Email Editor Plugin <= 5.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Welcome Email Editor Type Plugin Vulnerable versions = 5.0.6 Fixed in 5.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f7071fbb1d62 Credits ajaxhandler Required...

Welcome Email Editor < 5.0.7 - Subscriber+ Email Sending

Description The plugin does not have authorisation in its ajaxhandler function, allowing any authenticated users, such as subscriber to call it and send various emails...

WordPress Welcome Email Editor Plugin <= 5.0.6 is vulnerable to Broken Access Control

Software Welcome Email Editor Type Plugin Vulnerable versions = 5.0.6 Fixed in 5.0.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47756 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 797902c75465 Credits Abdi Pranata Required...

Shopify: Xss triggered in Your-store.myshopify.com/admin/apps/shopify-email/editor/****

Hi team, I have found Store Xss in shopify-email Reproduction Instructions / 1.Configure shopify-email for Shopify stores at https://apps.shopify.com/shopify-email 2.Goto Your-store.myshopify.com/admin/apps/shopify-email/template-branding 3.Change F1607675 with " click Save. 4.Now Select any...

PT-2021-11026 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions 2.3.2 through 2.6 Description: A Server Side Request Forgery SSRF issue exists via the email function. When writing an email in an editor, it is possible to upload pictures from remote websites. Recommendations: For version...