4 matches found
CVE-2026-3090
The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eventtype’ parameter in all versions up to, and including, 3.8.0 due to insufficient input sanitization and...
EUVD-2026-12841
The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eventtype’ parameter in all versions up to, and including, 3.8.0 due to insufficient input sanitization and...
CVE-2026-3090 Post SMTP <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting via 'event_type'
The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eventtype’ parameter in all versions up to, and including, 3.8.0 due to insufficient input sanitization and...
CVE-2009-4956
Cross-site scripting XSS vulnerability in the Visitor Tracking wsstats extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...