7 matches found
EUVD-2024-40131
Malicious code in bioql PyPI...
CVE-2025-47540
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through = 1.14.13...
PT-2025-20154 · Wedevs · Webmail
Name of the Vulnerable Software and Affected Versions: weDevs weMail versions 1.14.13 and earlier Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For weDevs weMail version...
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...
CVE-2024-43238
CVE-2024-43238: WeMail for WordPress has a Reflected XSS in web page generation. Affected: the weMail plugin up to version 1.14.5 (from n/a through 1.14.5). According to the connected docs, the issue is publicly associated with this CVE and has a patch status indicating it was addressed (patched)...
CVE-2024-34822
CVE-2024-34822 is a Missing Authorization vulnerability in the weMail WordPress plugin (affected: weMail up to 1.14.2). Public sources (NVD, Red Hat, CVE listings, Vuln enrichment) classify the impact as a Medium Severity (CVSS v3.1 base 5.3) with no confidentiality impact, low integrity impact, ...