VYPR

Ultimate Wp Mail

by WordPress

Source repositories

CVEs (5)

  • CVE-2025-49288HigJun 6, 2025
    risk 0.57cvss 8.8epss 0.00

    Missing Authorization vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Authentication Bypass.This issue affects Ultimate WP Mail: from n/a through <= 1.3.5.

  • CVE-2025-47490HigMay 7, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through <= 1.3.4.

  • CVE-2025-53454MedSep 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Stored XSS.This issue affects Ultimate WP Mail: from n/a through <= 1.3.8.

  • CVE-2025-47466MedMay 7, 2025
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through <= 1.3.4.

  • CVE-2025-32694MedApr 9, 2025
    risk 0.31cvss 4.7epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Phishing.This issue affects Ultimate WP Mail: from n/a through <= 1.3.10.