Lucene search

28 matches found

NVD, added 2026/04/22 9:16 a.m., 3 views

CVE-2026-6235

The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manageadminrequests' function in all versions up to, and including, 1.0.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

CVSS 9.8, EPSS 0.00047
Exploits: 0, References: 4

Positive Technologies, added 2026/04/14 12:00 a.m., 1 view

PT-2026-32967

Summary: Serendipity inserts $_SERVER['HTTP_HOST'] directly into the Message-ID SMTP header without any validation beyond CRLF stripping. An attacker who can control the Host header during an email-triggering action can inject arbitrary SMTP headers into outgoing emails, enabling spam relay, BCC...

CVSS 7.2, AI score 5.9, EPSS 0.00064
Exploits: 1, References: 5

NVD, added 2026/04/07 3:17 p.m., 1 view

CVE-2026-35460

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. An attacker who registers with a display name containing HTML tags will have those tags injected...

CVSS 5.4, EPSS 0.00035
Exploits: 1, References: 1

CVE, added 2026/04/07 2:26 p.m., 4 views

CVE-2026-35460

Papra (document management platform) is affected by an HTML injection in transactional emails prior to version 26.4.0, where user.display_name is interpolated into email HTML without escaping. An attacker registering with a display name containing HTML could inject tags into verification and pass...

CVSS 5.4, AI score 5.9, EPSS 0.00035
Exploits: 1, References: 1, Affected software: 1

Vulnrichment, added 2026/04/07 2:26 p.m., 0 views

CVE-2026-35460 Papra has an HTML Injection in Transactional Emails via Unescaped User Display Name

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. An attacker who registers with a display name containing HTML tags will have those tags injected...

CVSS 4.3, AI score 5.9, EPSS 0.00035
Exploits: 1, References: 1

CNNVD, added 2026/04/07 12:00 a.m., 4 views

Papra Security Vulnerability

Papra is an open-source document management and archiving platform developed by Papra itself. Versions of Papra prior to 26.4.0 contained security vulnerabilities. These vulnerabilities stemmed from transactional email templates that directly inserted user.name into HTML without escaping or...

CVSS 5.4, AI score 5.8, EPSS 0.00035
Exploits: 1, References: 1

Positive Technologies, added 2026/04/07 12:00 a.m., 4 views

PT-2026-30853

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. An attacker who registers with a display name containing HTML tags will have those tags injected...

CVSS 4.3, AI score 5.9, EPSS 0.00035
Exploits: 1, References: 2

NVD, added 2026/04/03 4:16 p.m., 1 view

CVE-2026-25043

Budibase is an open-source low-code platform. Prior to version 3.23.25, a business logic vulnerability exists in Budibase’s password reset functionality due to the absence of rate limiting, CAPTCHA, or abuse prevention mechanisms on the “Forgot Password” endpoint. An unauthenticated attacker can...

CVSS 7.5, EPSS 0.00067
Exploits: 0, References: 2

EUVD, added 2025/12/31 6:24 a.m., 3 views

EUVD-2025-205899

The Easy Digital Downloads plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.6.2. This is due to insufficient validation on the redirect url supplied via the 'eddredirect' parameter. This makes it possible for unauthenticated attackers to redirect...

CVSS 4.3, AI score 5.7, EPSS 0.00023
Exploits: 1, References: 5

RedhatCVE, added 2025/11/02 3:48 a.m., 12 views

CVE-2025-11833

The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the construct function in all versions up to, and including, 3.6.0. This makes it possible for unauthenticated...

CVSS 9.8, AI score 5.5, EPSS 0.1525
Exploits: 1, References: 1

EUVD, added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-20191

Malware in sbrugna...

CVSS 8.8, AI score 8.6, EPSS 0.00418
Exploits: 1, References: 3

EUVD, added 2025/10/03 8:07 p.m., 10 views

EUVD-2023-52285

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.6, EPSS 0.00191
Exploits: 3, References: 1

EUVD, added 2025/10/03 8:07 p.m., 3 views

EUVD-2022-46672

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.6, EPSS 0.00192
Exploits: 0, References: 1

Cvelist, added 2025/08/20 4:22 a.m., 6 views

CVE-2025-53522

Movable Type contains an issue with use of less trusted source. If exploited, tampered email to reset a password may be sent by a remote unauthenticated attacker...

CVSS 6.9, EPSS 0.00038
Exploits: 0, References: 2

NVD, added 2025/05/13 7:15 a.m., 15 views

CVE-2025-4473

The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajaxrequest function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends...

CVSS 8.8, EPSS 0.00394
Exploits: 0, References: 6

Positive Technologies, added 2025/02/07 12:00 a.m., 2 views

PT-2025-5973 · Janto · Janto

Name of the Vulnerable Software and Affected Versions: Janto versions prior to r12 Description: The issue concerns an insufficient data authenticity verification vulnerability. This vulnerability allows an unauthenticated attacker to modify the content of emails sent to reset the password. To...

CVSS 8.6, AI score 6.5, EPSS 0.00058
Exploits: 0, References: 5

CNNVD, added 2024/03/01 12:00 a.m., 2 views

Directus Security Vulnerabilities

Directus is a real-time API and application dashboard. It is used to manage SQL database content. A security vulnerability exists in Directus versions prior to 10.8.3, which stems from a vulnerability that allows an attacker to receive password reset emails from victimized users...

CVSS 8.2, AI score 6.8, EPSS 0.00604
Exploits: 1, References: 2

ATTACKERKB, added 2023/12/07 7:15 a.m., 1 view

CVE-2023-48205

Jorani Leave Management System 1.0.2 allows a remote attacker to spoof a Host header associated with password reset emails...

CVSS 5.3, AI score 5.8, EPSS 0.00191
Exploits: 3, References: 2

Cvelist, added 2023/12/07 12:00 a.m., 14 views

CVE-2023-48205

Jorani Leave Management System 1.0.2 allows a remote attacker to spoof a Host header associated with password reset emails...

AI score 5.6, EPSS 0.00191
Exploits: 3, References: 1

OSV, added 2022/09/15 12:00 a.m., 17 views

GHSA-4R4F-JRVW-H727 Feehi CMS host header injection vulnerability

A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. This can be exploited by abusing password reset emails...

CVSS 6.1, AI score 6.3, EPSS 0.00107
Exploits: 1, References: 3