EUVD-2024-23216

Malicious code in bioql PyPI...

CVE-2024-25914

Cross-Site Request Forgery CSRF vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20...

SMTP Mail Plugin < 1.3.21 - Cross Site Request Forgery

Description The SMTP Mail plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.20. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized...

CVE-2024-25914

Cross-Site Request Forgery CSRF vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20...

CVE-2024-25914 WordPress SMTP Mail Plugin <= 1.3.20 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20...

WordPress SMTP Mail Plugin <= 1.3.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software SMTP Mail Type Plugin Vulnerable versions = 1.3.20 Fixed in 1.3.21 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-25914 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8c89b8d2051d Credits Abdi Pranata Required...

CVE-2023-3092

CVE-2023-3092 affects the WordPress SMTP Mail plugin; versions up to and including 1.2.16 are vulnerable to Stored Cross-Site Scripting via the email subject when the Save Data SendMail feature is enabled. Root cause is insufficient input sanitization and output escaping. Consequences: unauthenti...

PT-2023-23050 · WordPress · Smtp Mail

Name of the Vulnerable Software and Affected Versions: SMTP Mail plugin for WordPress versions up to, and including, 1.2.16 Description: The issue is related to Stored Cross-Site Scripting via an email subject due to insufficient input sanitization and output escaping when the 'Save Data SendMail...

WordPress Plugin SMTP Mail 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress SMTP Mail Plugin <= 1.3.36 is vulnerable to Cross Site Scripting (XSS)

Software SMTP Mail Type Plugin Vulnerable versions = 1.3.36 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3092 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 4ad93cce1cf5 Credits Alex Thomas Required privilege...

SMTP Mail < 1.2 - Reflected Cross-Site Scripting (XSS)

The plugin does not escape its page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue alert/XSS/' /...

SMTP Mail < 1.2.2 - Authenticated SQL Injections

The plugin does not properly validate or escape the order and orderby parameters before using them in SQL statements, leading to SQL Injections in the admin dashboard PoC...

Barracuda IMFirewall 620 - Input Validation Vulnerability

Document Title: =============== Barracuda IMFirewall 620 - Input Validation Vulnerability References Source: ==================== EDB-ID: 10347 http://www.exploit-db.com/exploits/10347/ Release Date: ============= 2011-03-16 Vulnerability Laboratory ID VL-ID: ====================================...