Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 112 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-3614 AcyMailing 9.11.0 - 10.8.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation acybaAcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress High 8.8 2026-04-16 05:29:54 Deep Dive
CVE-2026-1651 Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 6.5 2026-03-04 01:22:00 Deep Dive
CVE-2026-2452 Unsafe variable evaluation in email templates pretixpretix-newsletter--2026-02-16 10:16:22 Deep Dive
CVE-2025-14852 MDirector Newsletter <= 4.5.8 - Cross-Site Request Forgery to Plugin Settings Update antevenioMDirector Newsletter WordPress Plugin Medium 4.3 2026-02-14 06:42:31 Deep Dive
CVE-2026-1051 Newsletter – Send awesome emails from WordPress <= 9.1.0 - Cross-Site Request Forgery to Newsletter Unsubscription satolloNewsletter – Send awesome emails from WordPress Medium 4.3 2026-01-20 01:22:46 Deep Dive
CVE-2025-14904 Newsletter Email Subscribe <= 2.4 - Cross-Site Request Forgery to Plugin Settings Update anilankolaNewsletter Email Subscribe Medium 4.3 2026-01-07 06:35:57 Deep Dive
CVE-2025-67999 WordPress Newsletter plugin <= 9.0.9 - SQL Injection vulnerability Stefano LissaNewsletter High 7.6 2025-12-16 08:12:59 Deep Dive
CVE-2025-67948 WordPress SendPulse Email Marketing Newsletter plugin <= 2.2.1 - Sensitive Data Exposure vulnerability SendPulseSendPulse Email Marketing Newsletter--2025-12-16 08:12:57 Deep Dive
CVE-2025-12348 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.3 2025-12-12 09:20:29 Deep Dive
CVE-2025-13515 Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] danrajkumarNouri.sh Newsletter Medium 6.1 2025-12-05 06:07:20 Deep Dive
CVE-2025-12935 FluentCRM - Marketing Automation For WordPress <= 2.9.84 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluentcrm_content' Shortcode techjewelFluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution Medium 6.4 2025-11-21 12:28:08 Deep Dive
CVE-2025-12349 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue Trigger icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.3 2025-11-19 04:28:19 Deep Dive
CVE-2025-12644 Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress <= 1.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields wpcoxNonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress Medium 6.4 2025-11-11 03:30:38 Deep Dive
CVE-2025-48308 WordPress Newsletter subscription optin module plugin <= 1.2.9 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability nonletterNewsletter subscription optin module High 7.1 2025-08-28 12:36:50 Deep Dive
CVE-2025-49871 WordPress Noptin plugin <= 3.8.7 - Cross Site Scripting (XSS) Vulnerability Noptin Newsletter TeamNoptin Medium 5.9 2025-06-17 15:01:17 Deep Dive
CVE-2025-3582 Newsletter < 8.8.5 - Admin+ Stored XSS via Form UnknownNewsletter--2025-06-09 06:00:14 Deep Dive
CVE-2025-3581 Newsletter < 8.8.5 - Admin+ Stored XSS via Widget UnknownNewsletter--2025-06-09 06:00:02 Deep Dive
CVE-2025-3584 Newsletter < 8.8.2 - Admin+ Stored XSS via Subscription UnknownNewsletter--2025-06-03 06:00:17 Deep Dive
CVE-2025-47547 WordPress SendPulse Email Marketing Newsletter plugin <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability SendPulseSendPulse Email Marketing Newsletter Medium 6.5 2025-05-07 14:20:18 Deep Dive
CVE-2025-3583 Newsletter < 8.7.1 - Admin+ Stored XSS UnknownNewsletter--2025-05-05 06:00:03 Deep Dive