Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 74 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-4845 Icegram Express <= 5.7.22 - Authenticated (Subscriber+) SQL Injection Vulnerability via options[list_id] icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress High 8.8 2024-06-12 09:33:12 Deep Dive
CVE-2024-31352 WordPress Icegram Express plugin <= 5.7.13 - Broken Access Control vulnerability -Email Subscribers & Newsletters Medium 5.3 2024-06-09 17:23:55 Deep Dive
CVE-2024-35718 WordPress Newsletters plugin <= 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability TribulantNewsletters High 7.1 2024-06-08 13:17:12 Deep Dive
CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-06-05 05:33:06 Deep Dive
CVE-2024-4045 Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation <= 2.16.1 - Authenticated (Contributor+) Stored Cross-Site Scripting smubPopup Builder & Popup Maker for WordPress – OptinMonster Email Marketing and Lead Generation Medium 6.4 2024-05-25 05:36:44 Deep Dive
CVE-2024-3626 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.17 - Missing Authorization icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.3 2024-05-23 05:32:15 Deep Dive
CVE-2024-4010 Email Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_request icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress High 8.8 2024-05-15 08:34:13 Deep Dive
CVE-2024-2876 Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.14 - Unauthenticated SQL Injection icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-05-02 16:52:46 Deep Dive
CVE-2024-32954 WordPress Newsletters plugin <= 4.9.5 - Arbitrary File Upload vulnerability TribulantNewsletters Critical 9.1 2024-04-24 10:37:46 Deep Dive
CVE-2024-32953 WordPress Newsletters plugin <= 4.9.5 - Sensitive Data Exposure vulnerability -Newsletters High 7.5 2024-04-24 07:36:06 Deep Dive
CVE-2024-2125 EnvíaloSimple: Email Marketing y Newsletters <= 2.3 - Cross-Site Request Forgery to Arbitrary File Upload dattateccomEnvíaloSimple: Email Marketing y Newsletters High 8.8 2024-04-09 18:58:40 Deep Dive
CVE-2024-1589 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Form Settings UnknownSendPress Newsletters--2024-04-08 05:00:02 Deep Dive
CVE-2024-1588 SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Settings UnknownSendPress Newsletters--2024-04-08 05:00:01 Deep Dive
CVE-2024-2656 Icegram Express <= 5.7.14 - Authenticated (Administrator+) Cross-Site Scripting via CSV import icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.4 2024-04-06 03:24:43 Deep Dive
CVE-2024-22300 WordPress Icegram Express plugin <= 5.7.11 - Reflected Cross Site Scripting (XSS) vulnerability IcegramEmail Subscribers & Newsletters High 7.1 2024-03-27 05:56:52 Deep Dive
CVE-2023-4797 Newsletter Lite < 4.9.3 - Admin+ Command Injection UnknownNewsletters 高危 -2024-01-16 15:56:41 Deep Dive
CVE-2023-51414 WordPress EnvíaloSimple Plugin <= 2.1 is vulnerable to PHP Object Injection EnvialoSimpleEnvíaloSimple: Email Marketing y Newsletters Critical 9.6 2023-12-29 13:02:28 Deep Dive
CVE-2023-47517 WordPress SendPress Newsletters plugin <= 1.23.11.6 - Reflected Cross Site Scripting (XSS) vulnerability brewlabsSendPress Newsletters High 7.1 2023-11-14 22:17:20 Deep Dive
CVE-2023-30478 WordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF) TribulantNewsletters 高危 -2023-11-10 13:42:15 Deep Dive
CVE-2022-45810 WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection IcegramIcegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce 超危 -2023-11-07 16:50:04 Deep Dive