MailPoet Newsletters 2.6.19 Cross Site Scripting

A cross site scripting vulnerability exists in MailPoet Newsletters WordPress Plugin version 2.6.19. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

MAL-2026-454 Malicious code in @mailpoet/component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d48b40574c65ef747944583fa5a49ac40b673d6932a02247c2cdbd5331a79179 The package @mailpoet/component was found to contain malicious code. Source: ghsa-malware...

Malicious code in @mailpoet/component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d48b40574c65ef747944583fa5a49ac40b673d6932a02247c2cdbd5331a79179 The package @mailpoet/component was found to contain malicious code. Source: ghsa-malware...

MAL-2026-456 Malicious code in @mailpoet/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c16934b5188a78db664e2c22b5fbfd7b089e580072216391bbf8925261484d0 The package @mailpoet/eslint-config was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @mailpoet/eslint-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

EUVD-2026-4191

Malicious code in @mailpoet/component npm...

Malicious Package

Overview @mailpoet/component is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2026-4190

Malicious code in @mailpoet/components npm...

MAL-2026-455 Malicious code in @mailpoet/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ec1e0266ccd0888d11f208447e31b521c1d6a2d7e622b0b78d7572b5f6e8b3e The package @mailpoet/components was found to contain malicious code. Source: ghsa-malware...

Malicious code in @mailpoet/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c16934b5188a78db664e2c22b5fbfd7b089e580072216391bbf8925261484d0 The package @mailpoet/eslint-config was found to contain malicious code. Source: ghsa-malware...

Malicious code in @mailpoet/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ec1e0266ccd0888d11f208447e31b521c1d6a2d7e622b0b78d7572b5f6e8b3e The package @mailpoet/components was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-4189

Malicious code in @mailpoet/eslint-config npm...

Malicious Package

Overview @mailpoet/components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2019-11843

The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL Reflective Server-Side XSS...

EUVD-2019-3503

Malware in sbrugna...

EUVD-2014-3844

Malware in sbrugna...

EUVD-2018-13393

Malware in sbrugna...

EUVD-2014-4645

Malware in sbrugna...

EUVD-2024-50226

Malicious code in bioql PyPI...

EUVD-2025-15320

Malicious code in bioql PyPI...