WordPress SendPress Newsletters plugin <= 1.23.11.6 - Admin+ Stored XSS via Settings vulnerability

Admin+ Stored XSS via Settings vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin SendPress Newsletters versions = 1.23.11.6...

WordPress SendPress Newsletters plugin <= 1.23.11.6 - Admin+ Stored XSS via Form Settings vulnerability

Admin+ Stored XSS via Form Settings vulnerability discovered by Manab Jyoti Dowarah in WordPress Plugin SendPress Newsletters versions = 1.23.11.6...

EUVD-2015-9288

Malware in sbrugna...

EUVD-2023-39077

Malicious code in bioql PyPI...

EUVD-2023-51628

Malicious code in bioql PyPI...

EUVD-2023-46222

Malicious code in bioql PyPI...

EUVD-2023-46221

Malicious code in bioql PyPI...

EUVD-2023-57952

Malicious code in bioql PyPI...

CVE-2024-1588

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-1589

The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-47517

Unauth. Reflected Cross-Site Scripting XSS vulnerability in SendPress Newsletters plugin = 1.23.11.6 versions...

CVE-2023-41729

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

CVE-2023-41730

Cross-Site Request Forgery CSRF vulnerability in SendPress Newsletters plugin = 1.22.3.31 versions...

CVE-2023-35040

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...

CVE-2015-9448

The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter...

CVE-2023-35040

Missing Authorization vulnerability in brewlabs SendPress Newsletters sendpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SendPress Newsletters: from n/a through = 1.26.1.20...

CVE-2023-35040

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...

CVE-2023-35040

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...

CVE-2023-35040

CVE-2023-35040 affects WordPress plugin SendPress Newsletters (versions up to and including 1.23.11.6). The issue is described as a Missing Authorization / Broken Access Control vulnerability in SendPress Newsletters, with unauthenticated access potentially allowed due to insufficient authorizati...

CVE-2023-35040 WordPress SendPress Newsletters plugin <= 1.26.1.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in brewlabs SendPress Newsletters sendpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SendPress Newsletters: from n/a through = 1.26.1.20...