Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 7 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-1651 Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 6.5 2026-03-04 01:22:00 Deep Dive
CVE-2025-12348 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.3 2025-12-12 09:20:29 Deep Dive
CVE-2025-12349 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue Trigger icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.3 2025-11-19 04:28:19 Deep Dive
CVE-2025-12644 Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress <= 1.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields wpcoxNonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress Medium 6.4 2025-11-11 03:30:38 Deep Dive
CVE-2024-13098 WP Email Newsletter <= 1.1 - Reflected XSS UnknownWordPress Email Newsletter 中危 -2025-02-01 06:00:14 Deep Dive
CVE-2023-45829 WordPress Newsletter & Bulk Email Sender Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) HappyBoxNewsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress Medium 6.5 2023-10-24 12:24:08 Deep Dive
CVE-2023-1430 FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control techjewelFluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution Medium 6.5 2023-06-09 05:33:37 Deep Dive