8 matches found
EUVD-2023-51854
Malicious code in bioql PyPI...
CVE-2023-47756
Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...
CVE-2023-47756
Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...
CVE-2023-47756 WordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...
CVE-2023-47756 WordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a through 5.0.6...
PT-2024-13479 · Unknown · Welcome Email Editor
Name of the Vulnerable Software and Affected Versions: Welcome Email Editor versions through 5.0.6 Description: The issue is related to a Missing Authorization vulnerability in the Welcome Email Editor, which allows exploiting incorrectly configured access control security levels. Recommendations...
WordPress Welcome Email Editor Plugin <= 5.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Welcome Email Editor Type Plugin Vulnerable versions = 5.0.6 Fixed in 5.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f7071fbb1d62 Credits ajaxhandler Required...
Welcome Email Editor < 5.0.7 - Subscriber+ Email Sending
Description The plugin does not have authorisation in its ajaxhandler function, allowing any authenticated users, such as subscriber to call it and send various emails...