9 matches found
EUVD-2023-43820
Malicious code in bioql PyPI...
CVE-2023-3135
The Mailtree Log Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2023-3135
CVE-2023-3135 – Mailtree Log Mail (WordPress) Stored XSS. The Mailtree Log Mail plugin is vulnerable in versions
CVE-2023-3135 Mailtree Log Mail <= 1.0.0 - Unauthenticated Stored Cross-Site Scripting via Email Subject
The Mailtree Log Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2023-3135 Mailtree Log Mail <= 1.0.0 - Unauthenticated Stored Cross-Site Scripting via Email Subject
The Mailtree Log Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
PT-2023-23294 · WordPress · Mailtree Log Mail
Name of the Vulnerable Software and Affected Versions: Mailtree Log Mail plugin for WordPress versions up to, and including, 1.0.0 Description: The issue is related to Stored Cross-Site Scripting via an email subject due to insufficient input sanitization and output escaping. This allows...
WordPress Plugin Mailtree Log Mail Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. WordPress Plugin Mailtree Log Mail suffers...
WordPress Mailtree Log Mail Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software: Mailtree Log Mail; Type: Plugin; Vulnerable versions: = 1.0.0; Fixed in: 1.0.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-3135; Patch priority: Low; CVSS severity: Low 7.2; Developer: Claim ownership; PSID: e74e0d24830e; Credits: Alex Thomas; Required...
Mailtree Log Mail < 1.0.1 - Unauthenticated Stored Cross-Site Scripting
The plugin does not properly sanitize and escape the input received through the email subject, leading to potential Stored Cross-Site Scripting (XSS). This can result in the execution of arbitrary web scripts whenever a user accesses a compromised page...