CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

Vulnrichment•added 2026/01/08 9:17 a.m.•2 views

CVE-2025-67911 WordPress Newsletters plugin <= 4.11 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters-lite allows Object Injection.This issue affects Newsletters: from n/a through = 4.11...

9.8CVSS6.6AI score0.00106EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-21667

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00084EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-14795

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00669EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•9 views

EUVD-2025-8296

Malicious code in bioql PyPI...

7.6CVSS9AI score0.0037EPSS

Exploits1References2

Cvelist•added 2025/08/20 8:2 a.m.•7 views

CVE-2025-54034 WordPress Newsletters plugin <= 4.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Tribulant Software Newsletters newsletters-lite allows PHP Local File Inclusion.This issue affects Newsletters: from n/a through = 4.10...

7.5CVSS0.00144EPSS

Exploits0References1

RedhatCVE•added 2025/07/18 10:59 a.m.•3 views

CVE-2025-54035

Cross-Site Request Forgery CSRF vulnerability in Tribulant Software Newsletters newsletters-lite allows Cross Site Request Forgery.This issue affects Newsletters: from n/a through = 4.10...

4.3CVSS5.9AI score0.00084EPSS

Exploits0References1

NVD•added 2025/07/16 11:15 a.m.•2 views

CVE-2025-54035

Cross-Site Request Forgery CSRF vulnerability in Tribulant Software Newsletters newsletters-lite allows Cross Site Request Forgery.This issue affects Newsletters: from n/a through = 4.10...

4.3CVSS0.00084EPSS

Exploits0References1

Vulnrichment•added 2025/07/16 10:36 a.m.•3 views

CVE-2025-54035 WordPress Newsletters plugin <= 4.10 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tribulant Software Newsletters newsletters-lite allows Cross Site Request Forgery.This issue affects Newsletters: from n/a through = 4.10...

4.3CVSS5.9AI score0.00084EPSS

Exploits0References1

Positive Technologies•added 2025/07/16 12:0 a.m.•2 views

PT-2025-29757 · Tribulant · Tribulant Software Newsletters

Name of the Vulnerable Software and Affected Versions: Tribulant Software Newsletters versions n/a through 4.10 Description: A Cross-Site Request Forgery CSRF vulnerability exists in Tribulant Software Newsletters, allowing attackers to perform actions on behalf of authenticated users. This issue...

4.3CVSS6.3AI score0.00084EPSS

Exploits0References3

RedhatCVE•added 2025/04/05 2:28 p.m.•5 views

CVE-2025-30858

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Snow Storm snow-storm allows Reflected XSS.This issue affects Snow Storm: from n/a through = 1.4.6...

7.1CVSS7.2AI score0.00669EPSS

Exploits0References1

Vulnrichment•added 2025/04/03 1:27 p.m.•5 views

CVE-2025-30858 WordPress Snow Storm plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7.3AI score0.00669EPSS

Exploits0References1

CVE•added 2025/04/03 1:27 p.m.•36 views

CVE-2025-30858

CVE-2025-30858: Snow Storm (Tribulant Software) WordPress plugin is affected by a reflected XSS due to improper input neutralization during web page generation. Impact is low to high depending on context, with exploitation requiring user interaction. The Wordfence Vulnerability Database lists Sno...

7.1CVSS7.2AI score0.00669EPSS

Exploits0References1

RedhatCVE•added 2025/03/29 11:34 a.m.•10 views

CVE-2025-30921

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Software Newsletters newsletters-lite allows SQL Injection.This issue affects Newsletters: from n/a through = 4.9.9.7...

7.6CVSS7.3AI score0.0037EPSS

Exploits1References1

NVD•added 2025/03/27 11:15 a.m.•13 views

CVE-2025-30921

7.6CVSS0.0037EPSS

Exploits1References1

CVE•added 2025/03/27 10:55 a.m.•51 views

CVE-2025-30921

CVE-2025-30921 affects the Newsletters plugin for WordPress (Tribulant Newsletters). The connected sources confirm an SQL Injection in Newsletters, affecting versions from n/a up to 4.9.9.7. The CVE is rated with a CVSS v3.1 base score of 7.6 (High) with attack vector Network, authentication requ...

7.6CVSS7.3AI score0.0037EPSS

Exploits1References1

Cvelist•added 2025/03/27 10:55 a.m.•16 views

CVE-2025-30921 WordPress Newsletters plugin <= 4.9.9.7 - SQL Injection vulnerability

7.6CVSS0.0037EPSS

Exploits1References1

Vulnrichment•added 2025/03/27 10:55 a.m.•14 views

CVE-2025-30921 WordPress Newsletters plugin <= 4.9.9.7 - SQL Injection vulnerability

7.6CVSS7.4AI score0.0037EPSS

Exploits1References1

Rows per page