251 matches found
WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability
WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin = 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability discovered by Nguyen C in WordPress Plugin Hustle versions = 7.8.10.2...
CVE-2016-10903
The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF...
CVE-2021-2338
Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM component: Email Marketing Stand-Alone. Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps -...
CVE-2025-12449 aBlocks – WordPress Gutenberg Blocks <= 2.4.0 - Missing Authorization to Authenticated (Subscriber+) Settings Modification
The aBlocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data and disclosure of sensitive information due to missing capability checks on multiple AJAX actions in all versions up to, and including, 2.4.0. This makes it possible for authenticated...
Kentico Xperience Email Marketing Template Cross-Site Scripting Vulnerability
Kentico Xperience is a digital experience platform from Kentico. A cross-site scripting vulnerability exists in the Kentico Xperience email marketing templates, which can be exploited by attackers to execute malicious scripts that can compromise a user's browser and steal sensitive information...
CVE-2025-64273
Missing Authorization vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through = 1.5.3...
EUVD-2025-204366
A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user browsers and steal sensitive information...
Cross-site Scripting (XSS)
Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Cross-site Scripting XSS via email marketing templates in the CMS.Newsletters.Web.UI component. An attacker with administration...
CVE-2022-50680
A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user browsers and steal sensitive information...
CVE-2022-50680 Kentico Xperience <= 13.0.92 Email Marketing Stored XSS
A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user browsers and steal sensitive information...
CVE-2022-50680 Kentico Xperience <= 13.0.92 Email Marketing Stored XSS
A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user browsers and steal sensitive information...
CVE-2025-64273
Missing Authorization vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through = 1.5.3...
EUVD-2025-204064
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Retrieve Embedded Sensitive Data.This issue affects Email marketing for WordPress by GetResponse Official: from...
EUVD-2025-204063
Missing Authorization vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through = 1.5.3...
PT-2025-52302
Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. Administration users can inject malicious scripts through email marketing templates. Exploitation allows attackers t...
WordPress plugin Email marketing for WordPress by GetResponse Official 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that provides the ability to set up a personal blog site on a PHP and MySQL based server. A security vulnerability exists in WordPress plugin...
Kentico Xperience 跨站脚本漏洞
Kentico Xperience is a digital experience platform from Kentico. A cross-site scripting vulnerability exists in the Kentico Xperience email marketing templates, which can be exploited by attackers to execute malicious scripts that can compromise a user's browser and steal sensitive information...
WordPress plugin Email marketing for WordPress by GetResponse Official 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that provides the ability to set up a personal blog site on a PHP and MySQL based server. A security vulnerability exists in WordPress plugin...
WordPress plugin SendPulse Email Marketing Newsletter 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...
WordPress SendPulse Email Marketing Newsletter plugin <= 2.2.1 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin SendPulse Email Marketing Newsletter versions = 2.2.1...