11 matches found
EUVD-2024-16650
Malicious code in bioql PyPI...
EUVD-2024-16649
Malicious code in bioql PyPI...
CVE-2024-0867
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...
CVE-2024-0866
The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The acti...
CVE-2024-0867
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...
CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...
CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...
Email Log < 2.4.9 - Unauthenticated Hook Injection
Description The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The...
CVE-2024-0866
CVE-2024-0866 affects the Check & Log Email WordPress plugin. It enables Unauthenticated Hook Injection in versions up to 1.0.9 via check_nonce, requiring a known nonce and no capability check. Documented impact is high (CVSS 3.1 8.1); Red Hat and Wordfence sources corroborate. The vulnerability ...
CVE-2024-0866 Check & Log Email <= 1.0.9 - Unauthenticated Hook Injection
The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The acti...
Check & Log Email < 1.0.10 - Unauthenticated Hook Injection
Description The plugin is vulnerable to Unauthenticated Hook Injection via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the attacker wishes to execute needs to have a nonce check, a...