Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Speakdigital Subscribe
Filtered by product Bulk Delete Users By Email
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4266 1 Speakdigital 1 Bulk Delete Users By Email 2023-01-04 N/A 6.5 MEDIUM
The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack
CVE-2022-4267 1 Speakdigital 1 Bulk Delete Users By Email 2023-01-04 N/A 6.1 MEDIUM
The Bulk Delete Users by Email WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting