Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp-email project wp-email vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-1614
The WP-EMail WordPress plugin prior to 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions.
Wp-email Project Wp-email
4.3
CVSSv2
CVE-2022-1630
The WP-EMail WordPress plugin prior to 2.69.0 does not protect its log deletion functionality with nonce checks, allowing malicious user to make a logged in admin delete logs via a CSRF attack
Wp-email Project Wp-email
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started