Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.5AI score0.0025EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 8:16 a.m.24 views

CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS0.0025EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/28 6:45 a.m.33 views

CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS0.0025EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/05/28 6:45 a.m.8 views

CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.8AI score0.0025EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

WordPress plugin SMTP2GO for WordPress – Email Made Easy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

4.3CVSS5.9AI score0.0025EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.12 views

PT-2026-44202

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.8AI score0.0025EPSS
Exploits0References12
Veracode
Veracode
added 2025/11/27 7:27 a.m.6 views

Improper Input Validation

nodemailer is vulnerable to improper input validation.The vulnerability is due to improper handling of specially formatted recipient email addresses, which allows an attacker to embed an external address within quotes and redirect emails to an unauthorized destination...

7.5CVSS6.9AI score0.00498EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/11/14 8:15 p.m.3 views

UBUNTU-CVE-2025-13033

A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the emai...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References6
OSV
OSV
added 2021/05/06 1:15 p.m.21 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8CVSS9.5AI score0.00379EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2021/05/06 3:46 a.m.26 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8CVSS8.1AI score0.00379EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2021/05/04 1:30 p.m.34 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8CVSS7.1AI score0.00379EPSS
Exploits1References3
CERT
CERT
added 2020/01/31 12:0 a.m.67 views

OpenSMTPD vulnerable to local privilege escalation and remote code execution

Overview Qualys Research Labs found that the smtpmailaddr function in OpenSMTPD version 6.6 does not properly sanitize user input, which could allow a local attacker to escalate their privileges, and allow either a local or remote attacker to execute arbitrary code as root. Description OpenSMTPD ...

10CVSS9.6AI score0.98972EPSS
Exploits27References9
Tenable Nessus
Tenable Nessus
added 2016/10/12 12:0 a.m.15 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1166)

This update for Mozilla Thunderbird to version 45.4.0 fixes the following issues : - When using Thunderbird in a browser like context, for rendering HTML e-mail or feeds, it may be affected by vulnerabilities also fixed in Firefox ESR 45.4. MFSA 2016-86, boo999701 The following bugs were fixed in...

5.4AI score
Exploits0References1
Rows per page
Query Builder