46 matches found
CVE-2026-1164
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2026-1164
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2026-1164 Easy Voice Mail <= 1.2.5 - Unauthenticated Stored Cross-Site Scripting via 'message'
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2026-1164
CVE-2026-1164 describes a Stored Cross-Site Scripting vulnerability in the WordPress plugin Easy Voice Mail (versions up to and including 1.2.5). An authenticated attacker with at least Administrator-level access can inject arbitrary scripts via the message parameter, which are executed when user...
CVE-2026-1164 Easy Voice Mail <= 1.2.5 - Unauthenticated Stored Cross-Site Scripting via 'message'
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...
WordPress plugin Easy Voice Mail 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-8049
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...
WordPress Easy Voice Mail plugin <= 1.2.5 - Unauthenticated Stored Cross-Site Scripting via 'message' vulnerability
Unauthenticated Stored Cross-Site Scripting via 'message' vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Easy Voice Mail versions = 1.2.5...
CVE-2022-23835
The Visual Voice Mail VVM application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READSMS permission, and reads an IMAP credentialing message that is by design not displayed to the victim within the AOSP SMS/MMS messaging...
EUVD-2007-1817
Malware in sbrugna...
EUVD-2007-1816
Malware in sbrugna...
EUVD-2007-1815
Malware in sbrugna...
Microsoft Exchange Server Spoofing Vulnerability (CNVD-2023-72226)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by attackers...
Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2023-64869)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. An elevation of privilege vulnerability exists in Microsoft Exchange Server, which can be exploit...
Command Execution Vulnerability in 4A Unified Security Control Platform of Beijing Qixingchen Information Security Technology Co.
Beijing Qixingchen Information Security Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A command execution vulnerability exists in the 4A Unified Security Control Platform of Beijing Qixingchen Information Security...
Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2022-89608)
Microsoft Exchange Server is a set of email service programs from Microsoft Corporation USA. It provides mail access, storage, forwarding, voice mail, mail filtering and other functions. An attacker could exploit this vulnerability to elevate privileges...
Microsoft Exchange Server Spoofing Vulnerability (CNVD-2023-72230)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by attackers...
Google Android Information Disclosure Vulnerability (CNVD-2022-26780)
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that stems from a lack of permission checking in voice mail. An attacker could use this vulnerability to obtain sensitive information...
The vulnerability of IMAP servers for direct-access voice mail systems with the Visual Voice Mail (VVM) visual interface for Android allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of IMAP servers for direct-access voice mail services with the Visual Voice Mail VVM visual interface on Android devices is related to insufficient protection of service data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to...
CVE-2022-23835
The Visual Voice Mail VVM application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READSMS permission, and reads an IMAP credentialing message that is by design not displayed to the victim within the AOSP SMS/MMS messaging...