15 matches found
EUVD-2024-50770
Malicious code in bioql PyPI...
EUVD-2025-2968
Malicious code in bioql PyPI...
CVE-2024-12323
The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2025-22753
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in turboSMTP turboSMTP turbosmtp allows Reflected XSS.This issue affects turboSMTP: from n/a through = 4.6...
CVE-2025-22753
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in turboSMTP turboSMTP turbosmtp allows Reflected XSS.This issue affects turboSMTP: from n/a through = 4.6...
CVE-2025-22753 WordPress turboSMTP Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in turboSMTP turboSMTP turbosmtp allows Reflected XSS.This issue affects turboSMTP: from n/a through = 4.6...
CVE-2025-22753 WordPress turboSMTP Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in turboSMTP turboSMTP turbosmtp allows Reflected XSS.This issue affects turboSMTP: from n/a through = 4.6...
CVE-2025-22753
CVE-2025-22753 describes a Reflected Cross-Site Scripting (XSS) vulnerability in turboSMTP (WordPress plugin). The issue is caused by improper neutralization of input during web page generation, enabling reflected XSS. Affected software is turboSMTP up to version 4.6 (no public details on exact p...
WordPress turboSMTP Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin turboSMTP versions = 4.6...
CVE-2024-12323
The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2024-12323 turboSMTP <= 4.6 - Reflected Cross-Site Scripting via 'page'
The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2024-12323 turboSMTP <= 4.6 - Reflected Cross-Site Scripting via 'page'
The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2024-12323
CVE-2024-12323 affects the turboSMTP WordPress plugin (all versions up to 4.6) with a Reflected Cross-Site Scripting via the page parameter caused by insufficient input sanitization and output escaping. Unauthenticated attackers could inject scripts into pages executed when a logged-in user is tr...
WordPress plugin turboSMTP 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-17542 · WordPress · Turbosmtp
Name of the Vulnerable Software and Affected Versions: turboSMTP plugin for WordPress versions up to, and including, 4.6 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This allows unauthenticat...