| CVE-2024-29112 | WordPress WooCommerce Google Feed Manager plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability | WP Marketing Robot | WooCommerce Google Feed Manager | Medium | 5.9 | 2024-03-19 15:02:29 | Deep Dive |
| CVE-2024-0368 | Hustle <= 7.8.3 - Sensitive Information Exposure via Exposed Hubspot API Keys | wpmudev | Hustle – Email Marketing, Lead Generation, Optins, Popups | High | 8.6 | 2024-03-13 15:27:22 | Deep Dive |
| CVE-2023-4629 | LadiApp <= 4.4 - Cross-Site Request Forgery via save_config() | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:57 | Deep Dive |
| CVE-2023-4729 | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Cross-Site Request Forgery via publish_lp() | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:57 | Deep Dive |
| CVE-2023-4627 | LadiApp <= 4.4 - Missing Authorization via save_config() | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:56 | Deep Dive |
| CVE-2023-4728 | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Missing Authorization on publish_lp() | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:56 | Deep Dive |
| CVE-2023-4626 | WordPress Plugin LadiApp 安全漏洞 | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:55 | Deep Dive |
| CVE-2023-4731 | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Cross-Site Request Forgery via init_endpoint | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:55 | Deep Dive |
| CVE-2023-4628 | LadiApp <= 4.4 - Cross-Site Request Forgery via ladiflow_save_hook() | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 4.3 | 2024-03-12 09:33:54 | Deep Dive |
| CVE-2024-1976 | Marketing Optimizer <= 20200925 - Cross-Site Request Forgery to Stored Cross-Site Scripting | activeim | Marketing Optimizer | Medium | 4.3 | 2024-02-29 05:32:22 | Deep Dive |
| CVE-2023-6441 | SQLi in UNI-PA's University Information System | UNI-PA University Marketing & Computer Internet Trade Inc. | University Information System | Critical | 9.8 | 2024-02-14 13:11:41 | Deep Dive |
| CVE-2024-21734 | URL Redirection vulnerability in SAP Marketing (Contacts App) | SAP_SE | SAP Marketing (Contacts App) | Low | 3.7 | 2024-01-09 00:54:48 | Deep Dive |
| CVE-2023-51408 | WordPress WP Optin Wheel Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure | StudioWombat | WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce | Medium | 5.3 | 2024-01-08 20:36:04 | Deep Dive |
| CVE-2023-51414 | WordPress EnvíaloSimple Plugin <= 2.1 is vulnerable to PHP Object Injection | EnvialoSimple | EnvíaloSimple: Email Marketing y Newsletters | Critical | 9.6 | 2023-12-29 13:02:28 | Deep Dive |
| CVE-2023-50857 | WordPress Automation By Autonami Plugin <= 2.6.1 is vulnerable to SQL Injection | FunnelKit | Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit | High | 7.6 | 2023-12-28 10:57:47 | Deep Dive |
| CVE-2023-28421 | WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.10 is vulnerable to Sensitive Data Exposure | Winwar Media | WordPress Email Marketing Plugin – WP Email Capture | Medium | 5.3 | 2023-12-21 14:11:32 | Deep Dive |
| CVE-2023-48781 | WordPress MkRapel Regiones y Ciudades de Chile para WC Plugin <= 4.3.0 is vulnerable to Cross Site Request Forgery (CSRF) | Marketing Rapel | MkRapel Regiones y Ciudades de Chile para WC | Medium | 4.3 | 2023-12-18 22:05:44 | Deep Dive |
| CVE-2023-49197 | WordPress DoFollow Case by Case Plugin <= 3.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | Apasionados, Apasionados del Marketing, NetConsulting | DoFollow Case by Case | Medium | 4.3 | 2023-12-15 15:39:23 | Deep Dive |
| CVE-2023-47244 | WordPress Email Marketing for WooCommerce by Omnisend Plugin <= 1.13.8 is vulnerable to Sensitive Data Exposure | Omnisend | Email Marketing for WooCommerce by Omnisend | Medium | 5.3 | 2023-11-23 20:30:57 | Deep Dive |
| CVE-2022-45810 | WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection | Icegram | Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce | 超危 | - | 2023-11-07 16:50:04 | Deep Dive |