CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2026/05/27 8:16 a.m.•8 views

CVE-2026-7618

The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

4.9CVSS0.00036EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-4454

Malware in sbrugna...

4.3CVSS6.4AI score0.00174EPSS

Exploits1References3

Patchstack•added 2024/04/02 2:1 a.m.•2 views

WordPress EnvíaloSimple plugin <= 2.3 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin EnvíaloSimple versions = 2.3...

8.8CVSS7AI score0.003EPSS

Exploits0References1Affected Software1

Prion•added 2014/07/02 6:55 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters envialosimple-email-marketing-y-newsletters-gratis plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Form...

4.3CVSS6.2AI score0.00174EPSS

Exploits1References2Affected Software1