Filtered by vendor Wp-email Project
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1630 | 1 Wp-email Project | 1 Wp-email | 2024-08-03 | 6.5 Medium |
| The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack | ||||
| CVE-2022-1614 | 1 Wp-email Project | 1 Wp-email | 2024-08-03 | 7.5 High |
| The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions. | ||||
Page 1 of 1.