57 matches found
CVE-2025-14348
The CVE-2025-14348 entry concerns the weMail WordPress plugin (versions
WordPress plugin weMail has a licensing issue vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-3535
The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Automation plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.7. This is due to the plugin's REST API trusting the x-wemail-user HTTP header to identif...
WordPress weMail plugin <= 2.0.7 - Insufficient Authorization via x-wemail-user Header to Sensitive Information Disclosure vulnerability
Insufficient Authorization via x-wemail-user Header to Sensitive Information Disclosure vulnerability discovered by shark3y in WordPress Plugin weMail versions = 2.0.7...
EUVD-2025-13795
Malicious code in bioql PyPI...
EUVD-2024-35087
Malicious code in bioql PyPI...
EUVD-2024-40131
Malicious code in bioql PyPI...
CVE-2024-34822
Missing Authorization vulnerability in weDevs weMail.This issue affects weMail: from n/a through 1.14.2...
CVE-2025-47540
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...
CVE-2025-47540
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...
CVE-2025-47540
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail allows Retrieve Embedded Sensitive Data. This issue affects weMail: from n/a through 1.14.13...
CVE-2025-47540
Summary: CVE-2025-47540 affects WordPress weMail up to version 1.14.13, enabling exposure of sensitive system information to an unauthorized control sphere and retrieval of embedded sensitive data. The NVD/CVSS metrics indicate a high-severity, network-exploitable issue (CVSS v3.1: AV:N/AC:L/PR:N...
CVE-2025-47540 WordPress weMail plugin <= 1.14.13 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...
CVE-2025-47540 WordPress weMail plugin <= 1.14.13 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...
WordPress plugin weMail 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-20154 · Wedevs · Webmail
Name of the Vulnerable Software and Affected Versions: weDevs weMail versions 1.14.13 and earlier Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For weDevs weMail version...
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5...
CVE-2024-43238 WordPress weMail plugin <= 1.14.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...