CVE-2019-20203

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...

CVE-2025-63020

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through = 1.9.73...

CVE-2025-63020

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through = 1.9.73...

CVE-2025-63020 WordPress Postie plugin <= 1.9.73 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through = 1.9.73...

CVE-2025-63020

CVE-2025-63020 is a stored cross-site scripting (XSS) vulnerability in the WordPress plugin Postie. The connected Wordfence report identifies an authenticated (Contributor+) path, affecting Postie up to version 1.9.73, with exploitation requiring a Contributor+ user. Technical details confirm the...

EUVD-2025-205950

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through 1.9.73...

CVE-2025-63020 WordPress Postie plugin <= 1.9.73 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through = 1.9.73...

WordPress Postie plugin <= 1.9.73 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin Postie versions = 1.9.73...

WordPress plugin Postie 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-54327

Name of the Vulnerable Software and Affected Versions Wayne Allen Postie versions through 1.9.73 Description The software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This allows for the injection of malicious...

WordPress Postie Plugin Cross-Site Scripting Vulnerability

WordPress Postie Plugin is a plugin that is mainly used for publishing posts via email. WordPress Postie Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker...

EUVD-2019-10757

Malware in sbrugna...

EUVD-2019-10758

Malware in sbrugna...

EUVD-2012-2566

Malware in sbrugna...

EUVD-2024-55026

Malicious code in bioql PyPI...

CVE-2024-5200

The Postie WordPress plugin before 1.9.71 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Postie plugin < 1.9.71 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Guido Iván García Duva in WordPress Plugin Postie versions 1.9.71...

CVE-2024-5200

The Postie WordPress plugin before 1.9.71 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-5200 Postie < 1.9.71 - Admin+ Stored XSS

The Postie WordPress plugin before 1.9.71 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-5200

CVE-2024-5200 – Postie WordPress plugin before 1.9.71 suffers from insufficient sanitization/escaping of settings, enabling stored XSS by high-privilege users (e.g., admin) even when unfiltered_html is disallowed (such as multisite) per CNVD/Red Hat/PatchStack entries. Affected product: Postie Pl...