40 matches found

Patchstack
added 2026/04/28 10:10 a.m. · 2 views

WordPress Check & Log Email plugin < 2.0.13 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Check & Log Email versions 2.0.13...

5.4 CVSS · 5.1 AI score · 0.00079 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

NVD
added 2026/04/28 7:16 a.m. · 1 view

CVE-2026-5306

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

5.4 CVSS · 0.00079 EPSS
Exploits: 0 · References: 1

Vulnrichment
added 2026/04/28 6:0 a.m. · 3 views

CVE-2026-5306 Check & Log Email < 2.0.13 - Unauthenticated Stored XSS

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

5.1 AI score · 0.00079 EPSS
Exploits: 0 · References: 1

Cvelist
added 2026/04/28 6:0 a.m. · 23 views

CVE-2026-5306 Check & Log Email < 2.0.13 - Unauthenticated Stored XSS

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

0.00079 EPSS
Exploits: 0 · References: 1

ATTACKERKB
added 2026/04/28 6:0 a.m. · 3 views

CVE-2026-5306

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

5.2 AI score · 0.00079 EPSS
Exploits: 0 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-16649

Malicious code in bioql PyPI...

8.1 CVSS · 8.7 AI score · 0.01456 EPSS
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2022-24842

Malicious code in bioql PyPI...

6.1 CVSS · 6.3 AI score · 0.0021 EPSS
Exploits: 2 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-30770

Malicious code in bioql PyPI...

9.8 CVSS · 7.5 AI score · 0.00046 EPSS
Exploits: 1 · References: 7

Vulnrichment
added 2025/09/22 12:2 p.m. · 3 views

CVE-2025-10797 code-projects Hostel Management System index.php sql injection

A vulnerability was determined in code-projects Hostel Management System 1.0. This issue affects some unknown processing of the file /justines/index.php. This manipulation of the argument logemail causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed...

7.5 CVSS · 6.8 AI score · 0.00046 EPSS
Exploits: 1 · References: 5

CVE
added 2025/09/22 12:2 p.m. · 11 views

CVE-2025-10797

The CVE-2025-10797 entry concerns code-projects Hostel Management System 1.0. The vulnerability affects the file /justines/index.php where manipulation of the log_email parameter enables SQL injection. Multiple connected sources (CNVD, CNNVD, Red Hat, CVE records) confirm remote exploitation pote...

9.8 CVSS · 7.3 AI score · 0.00046 EPSS
Exploits: 1 · References: 5 · Affected Software: 1

CNNVD
added 2025/09/22 12:0 a.m. · 2 views

code-projects Hostel Management System SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter logemail in the file /justines/index.php. An attacker can exploit this...

9.8 CVSS · 8.2 AI score · 0.00046 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2025/09/22 12:0 a.m. · 4 views

PT-2025-38713

Name of the Vulnerable Software and Affected Versions: Hostel Management System version 1.0 Description: A flaw exists in the processing of the /justines/index.php file within Hostel Management System. Specifically, manipulating the log email argument can lead to SQL injection. This issue can be...

9.8 CVSS · 7.5 AI score · 0.00046 EPSS
Exploits: 1 · References: 8

RedhatCVE
added 2025/05/22 11:31 p.m. · 1 view

CVE-2022-1547

The Check & Log Email WordPress plugin before 1.0.6 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

6.1 CVSS · 6.7 AI score · 0.0021 EPSS
Exploits: 2 · References: 1

RedhatCVE
added 2025/05/22 7:24 p.m. · 2 views

CVE-2021-24908

The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...

6.1 CVSS · 6.7 AI score · 0.0021 EPSS
Exploits: 2 · References: 1

RedhatCVE
added 2025/05/22 7:23 p.m. · 5 views

CVE-2021-24774

The Check & Log Email WordPress plugin before 1.0.3 does not validate and escape the "order" and "orderby" GET parameters before using them in a SQL statement when viewing logs, leading to SQL injection issues...

7.2 CVSS · 7.1 AI score · 0.00567 EPSS
Exploits: 2 · References: 1

RedhatCVE
added 2025/02/04 11:0 p.m. · 5 views

CVE-2024-0866

The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The acti...

8.1 CVSS · 7.3 AI score · 0.01456 EPSS
Exploits: 0 · References: 1

OSV
added 2024/06/18 1:15 p.m. · 0 views

CVE-2024-6112

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument logemail leads to sql injection. The attack can be initiated remotely. The exploit has...

9.8 CVSS · 5.8 AI score
Exploits: 0 · References: 4

Positive Technologies
added 2024/06/18 12:0 a.m. · 2 views

PT-2024-37389 · Bethesda · Bethesda Online Reservation System

Name of the Vulnerable Software and Affected Versions: Bethesda Online Reservation System version 1.0 Description: A critical vulnerability was found in the Bethesda Online Reservation System, affecting the file index.php. The manipulation of the log email argument leads to SQL injection. The...

9.8 CVSS · 8 AI score · 0.00106 EPSS
Exploits: 1 · References: 9

CNNVD
added 2024/06/18 12:0 a.m. · 1 view

Pool of Bethesda Online Reservation System SQL Injection Vulnerability

Pool of Bethesda Online Reservation System is a swimming pool online reservation system by janobe individual developer. A SQL injection vulnerability exists in Pool of Bethesda Online Reservation System version 1.0, which stems from a parameter logemail in the file index.php that can lead to SQL...

9.8 CVSS · 7.9 AI score · 0.00106 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2024/04/05 12:0 a.m. · 1 view

PT-2024-25277 · Sourcecodester · Aplaya Beach Resort Online Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Aplaya Beach Resort Online Reservation System version 1.0 Description: A critical vulnerability has been found in the system, affecting an unknown function of the file booking/index.php. The manipulation of the log email and lo...

9.8 CVSS · 7.9 AI score · 0.00053 EPSS
Exploits: 1 · References: 9