269 matches found
CVE-2026-57416
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SiteGround SiteGround Email Marketing siteground-email-marketing allows Stored XSS.This issue affects SiteGround Email Marketing: from n/a through = 1.7.5...
CVE-2026-57416
The CVE-2026-57416 entry concerns the WordPress SiteGround Email Marketing plugin (versions
CVE-2026-57416 WordPress SiteGround Email Marketing plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SiteGround SiteGround Email Marketing siteground-email-marketing allows Stored XSS.This issue affects SiteGround Email Marketing: from n/a through = 1.7.5...
PT-2026-57727
Name of the Vulnerable Software and Affected Versions SiteGround Email Marketing versions prior to 1.7.6 Description SiteGround Email Marketing contains a stored cross-site scripting XSS flaw, which occurs when an application includes untrusted data in a web page without proper validation or...
EUVD-2026-42804
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo formely Sendinblue plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 3.1.77 due to insufficient input sanitization and output escaping. This makes it...
WordPress SiteGround Email Marketing plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by xwii in WordPress Plugin SiteGround Email Marketing versions = 1.7.5...
EUVD-2026-39781
Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...
CVE-2026-57632
Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...
CVE-2026-24547
Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...
EUVD-2026-39748
Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...
CVE-2026-24547 WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...
CVE-2026-24547
The vulnerability CVE-2026-24547 affects the WordPress SiteGround Email Marketing plugin (versions up to and including 1.7.5). It is described as Unauthenticated Broken Access Control, indicating that an attacker could access restricted functionality or data without authentication. The CVSS v3.1 ...
WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin SiteGround Email Marketing versions = 1.7.5...
CVE-2026-42668
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
EUVD-2026-36833
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42668
CVE-2026-42668 affects WordPress plugin Email Marketing for WooCommerce by Omnisend (versions
PT-2026-49459
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
WordPress MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 2.0.4 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Faizan Shaik in WordPress Plugin MailerPress versions = 2.0.4...
WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability
WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin = 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability discovered by Nguyen C in WordPress Plugin Hustle versions = 7.8.10.2...
CVE-2016-10903
The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF...