19 matches found

Vulnrichment
added 2026/06/13 7:51 a.m., 7 views

CVE-2026-2470 Pagelayer <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration via 'contacts'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...

CVSS 4.3, AI score 5.4, EPSS 0.00204
Exploits 0, References 2
OSV
added 2026/04/18 1:11 a.m., 6 views

GHSA-JM8C-9F3J-4378 pretalx mail templates vulnerable to email injection via unescaped user-controlled placeholders

An unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malformed HTML or markdown link syntax in a user-controlled template placeholder such as the account display name. The most direct vector is the password-reset flow...

CVSS 6.1, AI score 5.9, EPSS 0.00154
Exploits 0, References 4
Snyk
added 2026/04/18 1:11 a.m., 10 views

Improper Encoding or Escaping of Output

Overview: pretalx is a conference organisation tool ("CfPs, scheduling, much more"). Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via unescaped user-controlled placeholders in mail templates. An attacker can inject arbitrary HTML content into outgoing emails b...

CVSS 6.1, AI score 5.9, EPSS 0.00154
Exploits 0, References 3
Github Security Blog
added 2026/04/18 1:11 a.m., 11 views

pretalx mail templates vulnerable to email injection via unescaped user-controlled placeholders

An unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malformed HTML or markdown link syntax in a user-controlled template placeholder such as the account display name. The most direct vector is the password-reset flow...

CVSS 6.1, AI score 5.9, EPSS 0.00154
Exploits 0, References 4, Affected Software 1
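The three pretalx entries above describe one mechanism: a value the attacker sets (the account display name) is substituted into a mail template without escaping, and the result is delivered from the instance's own sender address. The following Python illustration of that bug class and its fix is added here for this page; it is not pretalx code and makes no claim about pretalx's real template syntax. The template, the attacker's display name, the hosts cfp.example and evil.example, and the helpers render_unsafe, render_safe and foreign_links are all constructed for the example.

```python
import html
import re

# Constructed HTML mail template: {display_name} is filled with a value the
# account owner chose at registration, so an unauthenticated sender controls
# it. {reset_url} is set by the application.
RESET_TEMPLATE = (
    "<p>Hello {display_name},</p>"
    '<p>Click <a href="{reset_url}">here</a> to reset your password.</p>'
)

# Constructed attacker display name: closes the greeting paragraph and plants
# a phishing link that will arrive from the instance's own sender address.
ATTACKER_NAME = (
    "Bob</p><p>Your account is locked, log in at "
    '<a href="https://evil.example/login">https://cfp.example/login</a>'
)
RESET_URL = "https://cfp.example/reset?token=abc&uid=7"


def render_unsafe(template, **values):
    """Vulnerable pattern: placeholder values go into the HTML body verbatim."""
    return template.format(**values)


def render_safe(template, **values):
    """Hardened pattern: every placeholder value is HTML-escaped before it is
    substituted, so user-supplied tags and quotes render as literal text."""
    escaped = {key: html.escape(value, quote=True) for key, value in values.items()}
    return template.format(**escaped)


def foreign_links(rendered, allowed_hosts):
    """Outgoing-mail check: return the host of every href that is not one of
    ours. Any entry here is an attacker-chosen link in a mail we sent."""
    hosts = re.findall(r'href="https?://([^/"]+)', rendered)
    return [host for host in hosts if host not in allowed_hosts]


def demo():
    """Render the constructed reset mail both ways and return (unsafe, safe)."""
    unsafe = render_unsafe(RESET_TEMPLATE, display_name=ATTACKER_NAME, reset_url=RESET_URL)
    safe = render_safe(RESET_TEMPLATE, display_name=ATTACKER_NAME, reset_url=RESET_URL)
    return unsafe, safe


if __name__ == "__main__":
    unsafe_mail, safe_mail = demo()
    print("unsafe foreign links:", foreign_links(unsafe_mail, {"cfp.example"}))
    print("safe   foreign links:", foreign_links(safe_mail, {"cfp.example"}))
```

The escaping has to happen on the value, not on the template, because the template legitimately contains markup; the foreign_links check is the kind of assertion worth running over rendered mail in a test suite so that a regression in escaping is caught before it reaches a mailbox.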
EUVD
added 2025/11/13 3:27 a.m., 5 views

EUVD-2025-150409

The Welcart e-Commerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uscesexport' action in all versions up to, and including, 2.11.24. This makes it possible for unauthenticated attackers to access configured payment credentials ex...

CVSS 5.3, AI score 5, EPSS 0.00208
Exploits 0, References 3
EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2025-32225

Malicious code in bioql PyPI...

CVSS 7.6, AI score 6.6, EPSS 0.00227
Exploits 1, References 2
OSV
added 2025/06/05 5:48 a.m., 2 views

BIT-JOOMLA-2024-27186 [20240803] - Core - XSS in HTML Mail Templates

The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions...

CVSS 6.1, AI score 5.8, EPSS 0.00252
Exploits 0, References 2
Snyk
added 2024/11/13 2:15 p.m., 2 views

Files or Directories Accessible to External Parties

Overview: craftcms/cms is a content management system. Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties by abusing the mail notification template via the dataUrl function. Note: this is only exploitable when the attacker has write permissions...

CVSS 8.3, AI score 7, EPSS 0.00657
Exploits 1, References 3
Vulnrichment
added 2024/08/08 2:52 p.m., 18 views

CVE-2024-42356 Shopware vulnerable to Server Side Template Injection in Twig using Context functions

Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the context variable is injected into almost any Twig template and gives access to the current language and currency information. The context object also allows switching, for a short time, the scope of the Context as a...

CVSS 8.3, AI score 7.2, EPSS 0.00648
Exploits 0, References 5
OSV
added 2024/08/08 2:52 p.m., 17 views

CVE-2024-42356 Shopware vulnerable to Server Side Template Injection in Twig using Context functions

Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the context variable is injected into almost any Twig template and gives access to the current language and currency information. The context object also allows switching, for a short time, the scope of the Context as a...

CVSS 8.3, AI score 6.7, EPSS 0.00648
Exploits 0, References 7
Github Security Blog
added 2024/08/08 2:50 p.m., 16 views

Shopware vulnerable to Server Side Template Injection in Twig using Context functions

Impact: The context variable is injected into almost any Twig template and gives access to the current language and currency information. The context object also allows switching, for a short time, the scope of the Context as a helper with a callable function. Example call from PHP: ...

CVSS 8.3, AI score 6.9, EPSS 0.00648
Exploits 0, References 7, Affected Software 2
Prion
added 2022/09/27 11:15 p.m., 20 views

Cross site scripting

Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules...

CVSS 4.9, AI score 5.3, EPSS 0.00685
Exploits 1, References 3, Affected Software 1
OSV
added 2021/06/16 5:18 p.m., 16 views

GHSA-4W4P-XWRR-9CRH Injection in Apache Syncope

A Server-Side Template Injection vulnerability in the mail templates of Apache Syncope (2.0.X releases prior to 2.0.15 and 2.1.X releases prior to 2.1.6) was discovered, enabling attackers to inject arbitrary JEXL expressions, leading to Remote Code Execution (RCE)...

CVSS 9.8, AI score 9.8, EPSS 0.04645
Exploits 0, References 2
NVD
added 2020/05/04 1:15 p.m., 23 views

CVE-2020-1961

A Server-Side Template Injection vulnerability in the mail templates of Apache Syncope (2.0.X releases prior to 2.0.15 and 2.1.X releases prior to 2.1.6) was discovered, enabling attackers to inject arbitrary JEXL expressions, leading to Remote Code Execution (RCE)...

CVSS 9.8, AI score 9.8, EPSS 0.04645
Exploits 0, References 1
Veracode
added 2020/05/04 5:58 a.m., 23 views

Server-Side Template Injection

syncope-core-provisioning-java is vulnerable to server-side template injection. Remote attackers are able to inject arbitrary JEXL expressions via the Mail templates and execute arbitrary code on the system...

CVSS 9.8, AI score 7, EPSS 0.04645
Exploits 0, References 5, Affected Software 1
Prion
added 2020/01/28 1:15 p.m., 23 views

Design/Logic Flaw

An issue was discovered in FusionAuth before 1.11.0. An authenticated user allowed to edit e-mail templates (Home > Settings > Email Templates) or themes (Home > Settings > Themes) can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache...

CVSS 9, AI score 7, EPSS 0.19807
Exploits 3, References 4, Affected Software 1
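The Shopware, Apache Syncope and FusionAuth entries above share a root cause: the mail template is rendered by an engine (Twig with its context helpers, JEXL, Freemarker with its Execute utility) whose expressions reach well beyond string substitution, so anyone allowed to edit template text can run code or read secrets out of the process. The Python example below is added here to show the difference between a traversal-capable template language and a placeholder-only one; it is not code from any of those projects. The Recipient class, SECRET_API_KEY, the attack template and the helper names are constructed for the illustration, and str.format stands in for the Twig, JEXL and Freemarker evaluators.

```python
import string

# Constructed secret in the mailer's module globals, standing in for the API
# keys and database credentials a real mail-sending process holds in memory.
SECRET_API_KEY = "sk-constructed-example-key"


class Recipient:
    """Constructed object handed to the template as the mail's recipient."""

    def __init__(self, name, email):
        self.name = name
        self.email = email


# Constructed template as a template editor (a Contributor-level user) could
# save it. It reads like a greeting but walks from the recipient object,
# through its constructor, into the module globals.
ATTACK_TEMPLATE = (
    "Hi {user.name}, thanks for registering. "
    "{user.__init__.__globals__[SECRET_API_KEY]}"
)


def render_powerful(template, recipient):
    """Vulnerable pattern: the template language permits attribute and item
    access on the objects it is given, so template text is effectively code."""
    return template.format(user=recipient)


def render_restricted(template, recipient):
    """Hardened pattern: a placeholder-only syntax ($name / ${name}) with no
    traversal, fed an explicit allow-list of strings the application built."""
    allowed = {"name": recipient.name, "email": recipient.email}
    return string.Template(template).substitute(allowed)


def restricted_outcome(template, recipient):
    """Wrap render_restricted so a caller sees whether the template rendered
    or was rejected: KeyError for an unknown placeholder, ValueError for a
    malformed expression such as ${user.__init__}."""
    try:
        return ("ok", render_restricted(template, recipient))
    except (KeyError, ValueError) as exc:
        return ("rejected", type(exc).__name__)


if __name__ == "__main__":
    alice = Recipient("Alice", "alice@example.org")
    print(render_powerful(ATTACK_TEMPLATE, alice))  # greeting plus the secret
    print(restricted_outcome("Hi $name <$email>", alice))
    print(restricted_outcome("${user.__init__.__globals__}", alice))
    print(restricted_outcome("$user", alice))
```

The point generalises to every engine on this page: if a template editor role is below full administrator, the engine exposed to that role must not be able to call methods, instantiate classes or reach the interpreter's globals, and the data passed in should be pre-rendered strings rather than live objects. Rejecting unknown placeholders loudly, as the restricted renderer does, also makes tampering visible in logs instead of silently rendering an empty string.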
Prion
added 2017/12/30 9:29 p.m., 11 views

Session fixation

Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503...

CVSS 4.3, AI score 6, EPSS 0.00637
Exploits 0, References 1, Affected Software 1
CVE
added 2017/12/30 9:00 p.m., 46 views

CVE-2016-10704

CVE-2016-10704 affects Magento Community Edition and Enterprise Edition before versions 2.0.10 (CE) and 2.1.x before 2.1.2. The issue is an XSS in email templates that is mishandled during preview (APPSEC-1503). Root cause: crafted input in email template preview can be reflected in rendered cont...

CVSS 6.1, AI score 5.9, EPSS 0.00637
Exploits 0, References 1, Affected Software 1
Exploit DB
added 2015/07/08 12:00 a.m., 40 views

WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download

Title: Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5
Author: Larry W. Cashdollar, @larry0
Date: 2015-07-05
Download Site: https://wordpress.org/plugins/wp-ecommerce-shop-styling
Vendor: https://profiles.wordpress.org/haet/
Vendor Notified: 2015-07-05, fixed...

AI score 7.4
Exploits 0