Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 74 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-13739 Newsletters <= 4.9.9.7 - Reflected Cross-Site Scripting via To Parameter contridNewsletters Medium 6.1 2025-03-22 04:22:05 Deep Dive
CVE-2024-11582 Subscribe2 – Form, Email Subscribers & Newsletters <= 10.43 - Unauthenticated Stored Cross-Site Scripting via IP Parameter wedevsSubscribe2 – Form, Email Subscribers & Newsletters High 7.2 2025-02-19 03:21:12 Deep Dive
CVE-2025-24599 WordPress Newsletters plugin <= 4.9.9.6 - Reflected Cross Site Scripting (XSS) vulnerability Tribulant SoftwareNewsletters High 7.1 2025-02-04 14:21:15 Deep Dive
CVE-2024-37242 WordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerability AutomatticNewspack Newsletters Medium 4.3 2025-01-02 12:00:44 Deep Dive
CVE-2024-53784 WordPress Smart Marketing SMS and Newsletters Forms plugin <= 5.0.4 - Broken Access Control vulnerability E-goiSmart Marketing SMS and Newsletters Forms Medium 4.3 2024-12-02 13:48:27 Deep Dive
CVE-2024-37475 WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability AutomatticNewspack Newsletters Medium 5.3 2024-11-01 14:18:17 Deep Dive
CVE-2024-10181 Newsletters <= 4.9.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via newsletters_video Shortcode contridNewsletters Medium 6.4 2024-10-29 11:32:52 Deep Dive
CVE-2024-47346 WordPress Newsletters plugin <= 4.9.9.1 - Reflected Cross Site Scripting (XSS) vulnerability Tribulant SoftwareNewsletters High 7.1 2024-10-06 10:30:51 Deep Dive
CVE-2024-8254 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.34 - Authenticated (Subscriber+) Arbitrary Shortcode Execution icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.4 2024-10-02 06:46:02 Deep Dive
CVE-2024-8771 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.34 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.3 2024-09-26 15:30:34 Deep Dive
CVE-2024-8628 Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin <= 1.2.70.3 - Authenticated (Contributor+) Stored Cross-Site Scripting properfractionMailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc. Medium 5.4 2024-09-24 03:06:38 Deep Dive
CVE-2024-8247 Newsletters <= 4.9.9.2 - Authenticated Privilege Escalation contridNewsletters High 8.8 2024-09-06 03:30:41 Deep Dive
CVE-2024-43279 WordPress Newsletters plugin <= 4.9.8 - Cross Site Scripting (XSS) vulnerability TribulantNewsletters High 7.1 2024-08-18 21:16:20 Deep Dive
CVE-2024-7411 Newsletters <= 4.9.9 - Unauthenticated Full Path Disclosure contridNewsletters Medium 5.3 2024-08-15 07:32:36 Deep Dive
CVE-2024-5703 Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.26 - Missing Authorization icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.3 2024-07-17 07:32:19 Deep Dive
CVE-2024-6172 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.25 - Unauthenticated SQL Injection via unsubscribe icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-07-02 06:49:43 Deep Dive
CVE-2024-37252 WordPress Email Subscribers by Icegram Express plugin <= 5.7.25 - SQL Injection vulnerability IcegramEmail Subscribers & Newsletters Critical 9.3 2024-06-26 10:13:48 Deep Dive
CVE-2024-37227 WordPress Newsletters plugin <= 4.9.7 - Cross Site Request Forgery (CSRF) vulnerability TribulantNewsletters Medium 4.3 2024-06-21 13:40:53 Deep Dive
CVE-2024-5756 Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.23 - Unauthenticated SQL Injection via optin icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-06-21 04:34:11 Deep Dive
CVE-2023-35040 WordPress SendPress Newsletters plugin <= 1.26.1.20 - Broken Access Control vulnerability brewlabsSendPress Newsletters Medium 5.3 2024-06-13 23:51:45 Deep Dive