CVE-2026-7618

The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

WordPress EnvíaloSimple: Email Marketing y Newsletters plugin <= 2.4.5 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by Maurice Fielenbach Hexastrike - Hexastrike Cybersecurity UG haftungsbeschränkt in WordPress Plugin EnvíaloSimple versions = 2.4.5...

EUVD-2014-4454

Malware in sbrugna...

EUVD-2023-56137

Malicious code in bioql PyPI...

CVE-2024-32587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2...

CVE-2024-32587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2...

WordPress EnvíaloSimple plugin <= 2.3 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin EnvíaloSimple versions = 2.3...

CVE-2023-51414

Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y Newsletters.This issue affects EnvíaloSimple: Email Marketing y Newsletters: from n/a through 2.1...

CVE-2023-51414

Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y Newsletters.This issue affects EnvíaloSimple: Email Marketing y Newsletters: from n/a through 2.1...

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y Newsletters.This issue affects EnvíaloSimple: Email Marketing y Newsletters: from n/a through 2.1...

WordPress EnvialoSimple Multiple Cross Site Scripting Vulnerabilities

WordPress EnvialoSimple Plugin is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-4527

Multiple cross-site scripting XSS vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters envialosimple-email-marketing-y-newsletters-gratis plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Form...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters envialosimple-email-marketing-y-newsletters-gratis plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Form...

CVE-2014-4527

Multiple cross-site scripting XSS vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters envialosimple-email-marketing-y-newsletters-gratis plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Form...

CVE-2014-4527

The CVE-2014-4527 entry concerns the WordPress EnvialoSimple plugin (envialosimple-email-marketing-y-newsletters-gratis) with multiple XSS vulnerabilities. The affected component is the PHP script paginas/vista-previa-form.php, where XSS can be triggered via the FormID or AdministratorID paramete...