Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 253 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-11762 HubSpot All-In-One Marketing - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure hubspotdevHubSpot All-In-One Marketing – Forms, Popups, Live Chat Medium 4.3 2026-04-24 07:45:07 Deep Dive
CVE-2026-3614 AcyMailing 9.11.0 - 10.8.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation acybaAcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress High 8.8 2026-04-16 05:29:54 Deep Dive
CVE-2026-2263 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation wpmudevHustle – Email Marketing, Lead Generation, Optins, Popups Medium 5.3 2026-04-07 23:25:27 Deep Dive
CVE-2026-2298 Salesforce Marketing Cloud Engagement 安全漏洞 SalesforceMarketing Cloud Engagement--2026-03-23 19:54:33 Deep Dive
CVE-2024-42210 HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability HCLSoftwareUnica Marketing Operations (Plan) High 7.6 2026-03-19 07:32:41 Deep Dive
CVE-2026-32361 WordPress Editorial Calendar plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability Marketing FireEditorial Calendar 中危 -2026-03-13 11:42:05 Deep Dive
CVE-2026-27984 WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability Marketing FireWidget Options 中危 -2026-03-05 05:54:04 Deep Dive
CVE-2026-1651 Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 6.5 2026-03-04 01:22:00 Deep Dive
CVE-2025-14339 weMail <= 2.0.7 - Missing Authorization to Unauthenticated Form Deletion wedevsweMail: Email Marketing, Email Automation, Newsletters, Subscribers & Email Optins for WooCommerce Medium 6.5 2026-02-21 09:28:00 Deep Dive
CVE-2025-68895 WordPress AhaChat Messenger Marketing plugin <= 1.1 - Broken Authentication vulnerability ahachatAhaChat Messenger Marketing--2026-02-20 15:46:45 Deep Dive
CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens popupbuilderPopup Builder – Create highly converting, mobile friendly marketing popups. Medium 5.3 2026-02-19 03:25:15 Deep Dive
CVE-2026-1258 Mail Mint <= 1.19.2 - Authenticated (Administrator+) SQL Injection via Multiple API Endpoints getwpfunnelsMail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails Medium 4.9 2026-02-14 08:26:48 Deep Dive
CVE-2025-15157 Starfish Review Generation & Marketing for WordPress <= 3.1.19 - Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults starfishwpStarfish Review Generation & Marketing for WordPress High 8.8 2026-02-13 21:23:04 Deep Dive
CVE-2026-1447 Mail Mint <= 1.19.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting getwpfunnelsMail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails Medium 5.4 2026-02-03 06:38:06 Deep Dive
CVE-2025-14316 AhaChat Messenger Marketing <= 1.1 - Reflected XSS UnknownAhaChat Messenger Marketing--2026-01-26 06:00:14 Deep Dive
CVE-2026-0911 Hustle <= 7.8.9.2 - Authenticated (Subscriber+) Arbitrary File Upoload via Module Import wpmudevHustle – Email Marketing, Lead Generation, Optins, Popups High 7.5 2026-01-24 12:27:15 Deep Dive
CVE-2026-22583 Salesforce Marketing Cloud Engagement 安全漏洞 SalesforceMarketing Cloud Engagement 中危 -2026-01-24 00:20:55 Deep Dive
CVE-2026-22582 Salesforce Marketing Cloud Engagement 安全漏洞 SalesforceMarketing Cloud Engagement 中危 -2026-01-24 00:19:26 Deep Dive
CVE-2026-22586 Salesforce Marketing Cloud Engagement 安全漏洞 SalesforceMarketing Cloud Engagement 中危 -2026-01-24 00:17:08 Deep Dive
CVE-2026-22585 Salesforce Marketing Cloud Engagement 安全漏洞 SalesforceMarketing Cloud Engagement 中危 -2026-01-24 00:15:03 Deep Dive