2 matches found
CVE-2022-0218
CVE-2022-0218 (WP HTML Mail ≤ 3.0.9): WordPress Email Template Designer WP HTML Mail exposes an unprotected REST-API endpoint (/themesettings) due to a missing capability check in includes/class-template-designer.php, enabling unauthenticated users to retrieve/modify theme settings. Connected so...
CVE-2021-20779
CVE-2021-20779 affects the WordPress plugin WordPress Email Template Designer - WP HTML Mail, specifically versions prior to 3.0.8. The vulnerability is a Cross-site Request Forgery (CSRF) that can allow an attacker to hijack administrator authentication via unspecified vectors. Root caus...