| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-31434 | WordPress Newsletter plugin <= 8.0.6 - Cross Site Request Forgery (CSRF) vulnerability | Stefano Lissa & The Newsletter Team | Newsletter | Medium | 5.4 | 2024-04-15 09:28:49 | Deep Dive |
| CVE-2024-1812 | Everest Forms <= 2.0.7 - Unauthenticated Server-Side Request Forgery via font_url | wpeverest | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | High | 7.2 | 2024-04-09 18:59:24 | Deep Dive |
| CVE-2024-31110 | WordPress Contact Form 7 Newsletter plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability | Katz Web Services, Inc. | Contact Form 7 Newsletter | High | 7.1 | 2024-03-31 18:57:53 | Deep Dive |
| CVE-2024-30430 | WordPress FluentCRM plugin <= 2.8.44 - Cross Site Scripting (XSS) vulnerability | WP Email Newsletter Team - FluentCRM | Fluent CRM | Medium | 5.9 | 2024-03-29 13:33:24 | Deep Dive |
| CVE-2024-1793 | AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth By AWeber <= 7.3.14 - Authenticated (Admin+) SQL Injection | aweber | AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth | High | 7.2 | 2024-03-13 15:27:24 | Deep Dive |
| CVE-2023-50857 | WordPress Automation By Autonami Plugin <= 2.6.1 is vulnerable to SQL Injection | FunnelKit | Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit | High | 7.6 | 2023-12-28 10:57:47 | Deep Dive |
| CVE-2023-6381 | Improper input validation in Newsletter Software SuperMailer | SuperMailer | Newsletter Software | Low | 3.3 | 2023-12-13 10:46:13 | Deep Dive |
| CVE-2023-5108 | Easy Newsletter Signups <= 1.0.4 - Admin+ SQLi | Unknown | Easy Newsletter Signups | - | - | 2023-12-04 21:29:21 | Deep Dive |
| CVE-2023-47757 | WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control | AWeber | AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth | Medium | 4.3 | 2023-11-17 08:52:19 | Deep Dive |
| CVE-2023-47686 | WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.2.2 is vulnerable to Cross Site Request Forgery (CSRF) | Kiboko Labs | Arigato Autoresponder and Newsletter | Medium | 4.3 | 2023-11-16 22:44:51 | Deep Dive |
| CVE-2022-46803 | WordPress Noptin Plugin <= 1.9.5 is vulnerable to CSV Injection | Noptin Newsletter | Simple Newsletter Plugin – Noptin | 超危 | - | 2023-11-07 16:40:45 | Deep Dive |
| CVE-2023-45829 | WordPress Newsletter & Bulk Email Sender Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) | HappyBox | Newsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress | Medium | 6.5 | 2023-10-24 12:24:08 | Deep Dive |
| CVE-2023-41867 | WordPress AcyMailing SMTP Newsletter Plugin <= 8.6.2 is vulnerable to Cross Site Scripting (XSS) | AcyMailing Newsletter Team | AcyMailing | High | 7.1 | 2023-09-25 18:41:55 | Deep Dive |
| CVE-2023-4772 | Newsletter <= 7.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | satollo | Newsletter – Send awesome emails from WordPress | Medium | 6.4 | 2023-09-07 01:52:16 | Deep Dive |
| CVE-2023-3540 | SimplePHPscripts NewsLetter Script PHP URL Parameter preview.php cross site scripting | SimplePHPscripts | NewsLetter Script PHP | Low | 3.5 | 2023-07-07 15:00:05 | Deep Dive |
| CVE-2023-1430 | FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control | techjewel | FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution | Medium | 6.5 | 2023-06-09 05:33:37 | Deep Dive |
| CVE-2020-36727 | Newsletter Manager <= 1.5.1 - Insecure Deserialization | f1logic | Newsletter Manager | Critical | 9.8 | 2023-06-07 01:51:47 | Deep Dive |
| CVE-2023-2472 | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.61 - Reflected XSS | Unknown | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | 中危 | - | 2023-06-05 13:39:03 | Deep Dive |
| CVE-2013-10028 | EELV Newsletter Plugin lettreinfo.php style_newsletter cross site scripting | - | EELV Newsletter Plugin | Low | 3.5 | 2023-06-04 18:31:04 | Deep Dive |
| CVE-2023-0766 | Newsletter Popup <= 1.2 - Record Deletion via CSRF | Unknown | Newsletter Popup | 高危 | - | 2023-05-30 07:49:19 | Deep Dive |