Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-17173

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00135EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-43891

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00429EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.4 views

CVE-2025-28974

Cross-Site Request Forgery CSRF vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through = 1.0...

7.1CVSS5.9AI score0.00135EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.6 views

CVE-2025-28974

Cross-Site Request Forgery CSRF vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through = 1.0...

7.1CVSS0.00135EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:54 p.m.37 views

CVE-2025-28974

CVE-2025-28974 is a CSRF-to-Stored XSS vulnerability in the Free WP Mail SMTP (mail250) WordPress plugin. The issue affects Free WP Mail SMTP versions from n/a through 1.0, with a CVSSv3.1 base score of 7.1 (High). The connected documentation confirms the vulnerability class (CSRF leading to Stor...

7.1CVSS5.9AI score0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 12:54 p.m.17 views

CVE-2025-28974 WordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through = 1.0...

7.1CVSS0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.2 views

PT-2025-24129 · WordPress · Free Wp Mail Smtp

Name of the Vulnerable Software and Affected Versions: Free WP Mail SMTP versions 1.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and...

7.1CVSS6.8AI score0.00135EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.5 views

CVE-2023-3213

The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the isprintpage function in versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to disclose potentially sensitive email information...

5.3CVSS6.5AI score0.00429EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/22 12:0 a.m.25 views

WordPress WP Mail SMTP by WPForms Plugin <= 4.0.1 is vulnerable to Sensitive Data Exposure

Software WP Mail SMTP by WPForms Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.1.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6694 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 45f83918c270 Credits Guus Verbeek...

2.7CVSS6.5AI score0.00574EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2024/07/20 3:20 a.m.123 views

CVE-2024-6694

CVE-2024-6694 affects the WP Mail SMTP plugin for WordPress up to version 4.0.1. An authenticated admin can view the SMTP password in the SMTP Password field when viewing settings, leading to information exposure of the configured mail server credentials. The documented impact is limited to infor...

2.7CVSS3.4AI score0.00574EPSS
Exploits0References2
Prion
Prion
added 2023/10/04 2:15 a.m.20 views

Design/Logic Flaw

The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the isprintpage function in versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to disclose potentially sensitive email information...

5CVSS5.3AI score0.00429EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/04 1:52 a.m.27 views

CVE-2023-3213 WP Mail SMTP Pro <= 3.8.0 - Missing Authorization to Information Dislcosure via is_print_page

The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the isprintpage function in versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to disclose potentially sensitive email information...

5.3CVSS5.3AI score0.00429EPSS
Exploits0References2
CVE
CVE
added 2023/10/04 1:52 a.m.57 views

CVE-2023-3213

CVE-2023-3213 affects the WordPress plugin WP Mail SMTP Pro . The vulnerability stems from a missing capability check in the function used to render the print page, allowing unauthenticated users to access potentially sensitive email information. Affected versions are up to and including 3.8.0 . ...

5.3CVSS5.3AI score0.00429EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2018/12/07 12:0 a.m.11 views

WordPress WP Mail SMTP by WPForms plugin <= 1.3.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by RIPS Technologies in WordPress WP Mail SMTP by WPForms plugin versions = 1.3.3. Solution Update the WordPress WP Mail SMTP by WPForms plugin to the latest available version at least 1.4.0...

1.5AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/12/02 12:0 a.m.16 views

WP Mail SMTP by WPForms <= 1.3.3 - Authenticated Stored Cross-Site Scripting (XSS)

The WP Mail SMTP by WPForms WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS security vulnerability...

1.1AI score
Exploits0References2Affected Software1
Rows per page
Query Builder