131 matches found
CVE-2026-1831
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymailinstallyaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...
CVE-2026-1831
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymailinstallyaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...
CVE-2026-1831
CVE-2026-1831 (YayMail) is a WordPress plugin vulnerability affecting YayMail – WooCommerce Email Customizer. Wordfence reports missing capability checks on the AJAX action yaymail_install_yaysmtp and the REST endpoint /yaymail/v1/addons/activate, enabling authenticated attackers with Shop Manage...
CVE-2026-1831
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymailinstallyaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...
CVE-2026-1831 YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Plugin Installation and Activation
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymailinstallyaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...
CVE-2026-1831 YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Plugin Installation and Activation
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymailinstallyaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...
PT-2026-20287
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymail install yaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...
EUVD-2022-34636
Malicious code in bioql PyPI...
EUVD-2022-34638
Malicious code in bioql PyPI...
EUVD-2025-21650
Malicious code in bioql PyPI...
EUVD-2022-34637
Malicious code in bioql PyPI...
EUVD-2025-21656
Malicious code in bioql PyPI...
EUVD-2022-34639
Malicious code in bioql PyPI...
EUVD-2025-19394
Malicious code in bioql PyPI...
EUVD-2025-13784
Malicious code in bioql PyPI...
EUVD-2025-4436
Malicious code in bioql PyPI...
EUVD-2023-43781
Malicious code in bioql PyPI...
EUVD-2025-4700
Malicious code in bioql PyPI...
CVE-2025-48301
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce SMTP for SendGrid – YaySMTP smtp-sendgrid allows SQL Injection.This issue affects SMTP for SendGrid – YaySMTP: from n/a through = 1.5...
CVE-2025-48161
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YaySMTP smtp-sendinblue allows SQL Injection.This issue affects YaySMTP: from n/a through = 1.3...