
31 matches found

EUVD | added 2025/10/07 12:30 a.m. | views: 1

EUVD-2021-11258

Malware in sbrugna...

CVSS 6.6 | AI score 6.5 | EPSS 0.00567
Exploits: 2 | References: 3

EUVD | added 2025/10/07 12:30 a.m. | views: 1

EUVD-2008-6892

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.03929
Exploits: 1 | References: 7

RedhatCVE | added 2025/05/22 9:05 p.m. | views: 4

CVE-2021-24345

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection...

CVSS 6.6 | AI score 7.2 | EPSS 0.00567
Exploits: 2 | References: 1

CNVD | added 2021/06/15 12:00 a.m. | views: 15

WordPress Sendit WP Newsletter plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Sendit WP Newsletter plugin 2.5.1 and earlier...

CVSS 6.6 | AI score 6.6 | EPSS 0.00567
Exploits: 2 | References: 1

OSV | added 2021/06/14 2:15 p.m. | views: 0

CVE-2021-24345

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection...

CVSS 6.6 | AI score 5.9 | EPSS 0.00567
Exploits: 2 | References: 2

NVD | added 2021/06/14 2:15 p.m. | views: 9

CVE-2021-24345

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection...

CVSS 6.6 | EPSS 0.00567
Exploits: 2 | References: 2

Prion | added 2021/06/14 2:15 p.m. | views: 8

Sql injection

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection...

CVSS 6 | AI score 6.7 | EPSS 0.00567
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist | added 2021/06/14 1:37 p.m. | views: 12

CVE-2021-24345 Sendit WP Newsletter <= 2.5.1 - Authenticated (admin+) SQL Injection

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection...

AI score 6.9 | EPSS 0.00567
Exploits: 2 | References: 2

CVE | added 2021/06/14 1:37 p.m. | views: 55

CVE-2021-24345

The CVE-2021-24345 entry describes a SQL Injection in the Sendit WP Newsletter WordPress plugin (versions ≤ 2.5.1) that is exploitable by an Administrator user via the id_lista POST parameter in the lists-management feature. The underlying issue is lack of sanitization/escaping of id_lista before...

CVSS 6.6 | AI score 6.6 | EPSS 0.00567
Exploits: 2 | References: 2 | Affected Software: 1

CNNVD | added 2021/06/14 12:00 a.m. | views: 0

WordPress SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Sendit WP Newsletter plugin 2.5.1 and earlier...

CVSS 6.6 | AI score 6.2 | EPSS 0.00567
Exploits: 2 | References: 2

WPVulnDB | added 2021/05/27 12:00 a.m. | views: 19

Sendit WP Newsletter <= 2.5.1 - Authenticated (admin+) SQL Injection

The page lists-management feature of the plugin, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection. PoC time curl -i -s -k -X $'POST' \ -H $'Upgrade-Insecure-Requests: 1' -H...

CVSS 6.6 | AI score 0.2 | EPSS 0.00567
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack | added 2021/05/27 12:00 a.m. | views: 15

WordPress Sendit WP Newsletter plugin <= 2.5.1 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection (SQLi) vulnerability discovered by Shreya Pohekar in WordPress Sendit WP Newsletter plugin versions <= 2.5.1. Solution: This plugin has been closed as of April 29, 2021 and is not available for download. This closure is temporary, pending a full review...

CVSS 6.6 | AI score 2.8 | EPSS 0.00567
Exploits: 2 | References: 3 | Affected Software: 1

wpexploit | added 2021/05/27 12:00 a.m. | views: 169

Sendit WP Newsletter <= 2.5.1 - Authenticated (admin+) SQL Injection

The page lists-management feature of the plugin, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection. time curl -i -s -k -X $'POST' \ -H $'Upgrade-Insecure-Requests: 1' -H...

CVSS 6.6 | AI score 0.4 | EPSS 0.00567
Exploits: 2 | References: 1

Patchstack | added 2015/05/15 12:00 a.m. | views: 7

WordPress SendIt Plugin <= 2.1.0 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands via "id" parameter. Solution: Upgrade the plugin...

AI score 6.4
Exploits: 0 | References: 1 | Affected Software: 1

WPVulnDB | added 2014/09/19 12:00 a.m. | views: 9

Sendit < 2.1.1 - SQL Injection

The Sendit WP Newsletter WordPress plugin was affected by a SQL Injection security vulnerability...

AI score 2
Exploits: 0 | Affected Software: 1

WPVulnDB | added 2014/08/01 10:58 a.m. | views: 4

SendIt <= 1.5.9 - Blind SQL Injection

The Sendit WP Newsletter WordPress plugin was affected by a Blind SQL Injection security vulnerability...

AI score 1.7
Exploits: 0 | References: 1 | Affected Software: 1

seebug.org | added 2014/07/01 12:00 a.m. | views: 15

WordPress SendIt plugin <= 1.5.9 - Blind SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress SendIt plugin = 1.5.9 Blind SQL Injection Vulnerability Google Dork: inurl:wp-content/plugins/sendit/submit.php Date: 2011-08-25 Author: evilsocket evilsocket at gmail dot com Software Link: http://wordpress.org/extend/plugins/sendit/...

AI score 7.1
Exploits: 0

Exploit DB | added 2011/08/25 12:00 a.m. | views: 27

WordPress Plugin SendIt 1.5.9 - Blind SQL Injection

Exploit Title: WordPress SendIt plugin getvar"SELECT COUNT FROM $tableemail where email ='$POSTemailadd' and idlista = '$POSTlista';"; As you can see, $POSTlista parameter is nor validated neither escaped, so you can blind sql inject it using $usercount for the boolean condition checking :...

AI score 7.4
Exploits: 0

exploitpack | added 2011/08/25 12:00 a.m. | views: 13

WordPress Plugin SendIt 1.5.9 - Blind SQL Injection

WordPress Plugin SendIt 1.5.9 - Blind SQL Injection Exploit Title: WordPress SendIt plugin getvar"SELECT COUNT FROM $tableemail where email ='$POSTemailadd' and idlista = '$POSTlista';"; As you can see, $POSTlista parameter is nor validated neither escaped, so you can blind sql inject it using...

AI score 8.6
Exploits: 0

Packet Storm | added 2011/08/25 12:00 a.m. | views: 18

WordPress SendIt 1.5.9 Blind SQL Injection

Exploit Title: WordPress SendIt plugin getvar"SELECT COUNT FROM $tableemail where email ='$POSTemailadd' and idlista = '$POSTlista';"; As you can see, $POSTlista parameter is nor validated neither escaped, so you can blind sql inject it using $usercount for the boolean condition checking :...

AI score 7.4
Exploits: 0