Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

35 matches found

RedhatCVE
RedhatCVEadded 2026/01/23 9:16 p.m.1 views

CVE-2025-67961

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS5.4AI score0.00014EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 5:16 p.m.4 views

CVE-2025-67961

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS0.00014EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:51 p.m.2 views

CVE-2025-67961

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS5.3AI score0.00014EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 4:51 p.m.12 views

CVE-2025-67961

CVE-2025-67961 : SSRF in the WordPress WPO365 plugin’s wpo365-login component (affecting WPO365 v1.x through = 40.0) or apply vendor-provided patch; refer to Patchstack/RedHat/CVE records for the exact patched version. If patch not yet applied in environments, monitor for updates and apply once a...

6.4CVSS5.4AI score0.00014EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/22 4:51 p.m.1 views

CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS5.9AI score0.00014EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/22 4:51 p.m.13 views

CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

6.4CVSS0.00014EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/01/22 12:0 a.m.2 views

WordPress plugin WPO365 has code-related vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

6.4CVSS5.9AI score0.00014EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/22 12:0 a.m.2 views

PT-2026-4041

Name of the Vulnerable Software and Affected Versions Marco van Wieren WPO365 versions n/a through 40.0 Description A Server-Side Request Forgery SSRF vulnerability exists in the wpo365-login component of Marco van Wieren WPO365. This flaw allows for Server Side Request Forgery. Recommendations...

5.3AI score0.00014EPSS
Exploits0References3
Patchstack
Patchstackadded 2026/01/21 11:16 a.m.3 views

WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WPO365 versions = 40.0...

6.4CVSS5.4AI score0.00014EPSS
Exploits0Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2021-30344

Malicious code in bioql PyPI...

9.3CVSS6.4AI score0.00587EPSS
Exploits2References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-36387

Malicious code in bioql PyPI...

6.1CVSS7.1AI score0.00088EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:11 a.m.6 views

CVE-2023-32119

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin = 1.9.0 versions...

6.1CVSS5.9AI score0.00088EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/02/24 10:24 p.m.1 views

WordPress WPO365 | MICROSOFT 365 GRAPH MAILER plugin <= 3.2 - Open Redirect via 'redirect_to' Parameter vulnerability

Open Redirect via 'redirectto' Parameter vulnerability discovered by Krzysztof Zając in WordPress Plugin WPO365 | MICROSOFT 365 GRAPH MAILER versions = 3.2...

6.1CVSS7AI score0.00139EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2025/02/24 11:15 a.m.4 views

CVE-2025-1488

The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation on the redirect url supplied via the 'redirectto' parameter. This makes it possible for unauthenticated attackers to redire...

6.1CVSS7.3AI score
Exploits0References4
Cvelist
Cvelistadded 2025/02/24 11:10 a.m.8 views

CVE-2025-1488 WPO365 | MICROSOFT 365 GRAPH MAILER <= 3.2 - Open Redirect via 'redirect_to' Parameter

The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation on the redirect url supplied via the 'redirectto' parameter. This makes it possible for unauthenticated attackers to redire...

4.7CVSS0.00139EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/02/24 11:10 a.m.8 views

CVE-2025-1488 WPO365 | MICROSOFT 365 GRAPH MAILER <= 3.2 - Open Redirect via 'redirect_to' Parameter

The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation on the redirect url supplied via the 'redirectto' parameter. This makes it possible for unauthenticated attackers to redire...

4.7CVSS4.7AI score0.00139EPSS
Exploits0References4
BDU FSTEC
BDU FSTECadded 2024/07/17 12:0 a.m.1 views

The vulnerability of the wpo365 plugin of the WordPress content management system allows a hacker to execute XSS attacks.

The vulnerability of the wpo365 plugin of the WordPress content management system exists due to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS0.0031EPSS
Exploits0References3Affected Software1
Patchstack
Patchstackadded 2024/05/23 12:0 a.m.9 views

WordPress WPO365 Plugin <= 27.2 is vulnerable to Cross Site Scripting (XSS)

Software WPO365 Type Plugin Vulnerable versions = 27.2 Fixed in 28.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4706 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c55d5d3f53f2 Credits stealthcopter Required privilege...

6.4CVSS5.8AI score0.0031EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2023/08/23 1:15 p.m.15 views

CVE-2023-32119

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin = 1.9.0 versions...

6.1CVSS5.7AI score0.00088EPSS
Exploits0References1
OSV
OSVadded 2023/08/23 1:15 p.m.2 views

CVE-2023-32119

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin = 1.9.0 versions...

6.1CVSS7.3AI score0.00088EPSS
Exploits0References1
Rows per page
Query Builder