@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32886 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32886 Source advisory: OSV:GHSA-4263-JGMP-7PF4...

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32248 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32248 Source advisory: OSV:GHSA-5FW2-8JCV-XH87...

CVE-2025-11876

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2025-11876

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2025-11876

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

EUVD-2025-203054

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2025-11876 Mailgun Subscriptions <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2025-11876

CVE-2025-11876 concerns the WordPress plugin Mailgun Subscriptions (up to version 1.3.1). The issue is a Stored Cross-Site Scripting (XSS) vulnerability in the plugin’s shortcodes, specifically the mailgun_subscription_form attribute handling, caused by insufficient input sanitization and output ...

CVE-2025-11876 Mailgun Subscriptions <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

PT-2025-50898

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgun subscription form' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

WordPress plugin Mailgun Subscriptions 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress Mailgun Subscriptions plugin <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin Mailgun Subscriptions versions = 1.3.1...

WordPress WP Mailgun SMTP Plugin <= 1.0.7 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Legion Hunter in WordPress Plugin WP Mailgun SMTP versions = 1.0.7...

CVE-2025-48327

Missing Authorization vulnerability in inkthemes WP Mailgun SMTP wp-mailgun-smtp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Mailgun SMTP: from n/a through = 1.0.7...

CVE-2025-48327

Missing Authorization vulnerability in inkthemes WP Mailgun SMTP wp-mailgun-smtp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Mailgun SMTP: from n/a through = 1.0.7...

CVE-2025-48327

CVE-2025-48327 corresponds to a Missing Authorization vulnerability in the WP Mailgun SMTP plugin (versions up to 1.0.7). Affected product: WP Mailgun SMTP. Root cause: lack of proper ACL enforcement allows accessing functionality not properly constrained. Public references in connected sources c...

CVE-2025-48327 WordPress WP Mailgun SMTP plugin <= 1.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in inkthemes WP Mailgun SMTP wp-mailgun-smtp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Mailgun SMTP: from n/a through = 1.0.7...

CVE-2025-48327 WordPress WP Mailgun SMTP plugin <= 1.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in inkthemes WP Mailgun SMTP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Mailgun SMTP: from n/a through 1.0.7...

WordPress plugin WP Mailgun SMTP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-35014

Name of the Vulnerable Software and Affected Versions: WP Mailgun SMTP versions through 1.0.7 Description: The WP Mailgun SMTP plugin contains a missing authorization flaw that allows access to functionality not properly constrained by Access Control Lists ACLs. Recommendations: Update WP Mailgun...