EUVD-2023-50335

Malicious code in bioql PyPI...

WordPress Plugin FreshMail Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress FreshMail For WordPress Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software FreshMail For WordPress Type Plugin Vulnerable versions = 2.3.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46074 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID bc13c89450f9 Credits LEE SE HYOU...

CVE-2015-9496

CVE-2015-9496 affects the WordPress plugin “freshmail-newsletter” prior to version 1.6. The vulnerability is a SQL Injection in shortcode.php via the FM_form id= substring, caused by missing validation/sanitization of the shortcode attribute before including it in a SQL query. Exploitation is fea...

WordPress Plugin Freshmail 1.5.8 - shortcode.php SQL Injection

WordPress Plugin Freshmail 1.5.8 - shortcode.php SQL Injection Exploit Title: Unauthenticated SQL Injection on Wordpress Freshmail 1 Google Dork: N/A Date: 05/05/2015 Exploit Author: Felipe Molina de la Torre @felmoltor Vendor Homepage: http://freshmail.com/ Software Link:...