Lucene search
K

57 matches found

CVE
CVE
added 2026/01/20 4:35 a.m.23 views

CVE-2025-14348

The CVE-2025-14348 entry concerns the weMail WordPress plugin (versions

5.3CVSS5.5AI score0.00268EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.8 views

WordPress plugin weMail has a licensing issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.8 views

PT-2026-3535

The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Automation plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.7. This is due to the plugin's REST API trusting the x-wemail-user HTTP header to identif...

5.3CVSS5.5AI score0.00268EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/01/19 10:12 p.m.6 views

WordPress weMail plugin <= 2.0.7 - Insufficient Authorization via x-wemail-user Header to Sensitive Information Disclosure vulnerability

Insufficient Authorization via x-wemail-user Header to Sensitive Information Disclosure vulnerability discovered by shark3y in WordPress Plugin weMail versions = 2.0.7...

5.3CVSS5.5AI score0.00268EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13795

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-35087

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00381EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-40131

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:53 a.m.8 views

CVE-2024-34822

Missing Authorization vulnerability in weDevs weMail.This issue affects weMail: from n/a through 1.14.2...

5.3CVSS6.9AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:26 p.m.12 views

CVE-2025-47540

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...

7.5CVSS7.2AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.14 views

CVE-2025-47540

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...

7.5CVSS0.00336EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 3:16 p.m.4 views

CVE-2025-47540

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail allows Retrieve Embedded Sensitive Data. This issue affects weMail: from n/a through 1.14.13...

7.5CVSS5.8AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.51 views

CVE-2025-47540

Summary: CVE-2025-47540 affects WordPress weMail up to version 1.14.13, enabling exposure of sensitive system information to an unauthorized control sphere and retrieval of embedded sensitive data. The NVD/CVSS metrics indicate a high-severity, network-exploitable issue (CVSS v3.1: AV:N/AC:L/PR:N...

7.5CVSS7.2AI score0.00336EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.22 views

CVE-2025-47540 WordPress weMail plugin <= 1.14.13 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...

5.3CVSS0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.25 views

CVE-2025-47540 WordPress weMail plugin <= 1.14.13 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...

5.3CVSS8.6AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.3 views

WordPress plugin weMail 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS6.1AI score0.00336EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.22 views

PT-2025-20154 · Wedevs · Webmail

Name of the Vulnerable Software and Affected Versions: weDevs weMail versions 1.14.13 and earlier Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For weDevs weMail version...

7.5CVSS6AI score0.00336EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 12:34 p.m.11 views

CVE-2024-43238

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...

7.1CVSS5.9AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2024/08/18 2:15 p.m.13 views

CVE-2024-43238

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...

7.1CVSS0.0029EPSS
Exploits0References1
OSV
OSV
added 2024/08/18 2:15 p.m.4 views

CVE-2024-43238

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5...

6.1CVSS5.8AI score0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/18 1:38 p.m.12 views

CVE-2024-43238 WordPress weMail plugin <= 1.14.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...

7.1CVSS5.2AI score0.0029EPSS
Exploits0References1
Rows per page
Query Builder