Opti Marketing <= 2.0.9 - SQL Injection

The Opti Marketing plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to appe...

Automation By Autonami < 3.3.0 - SQL Injection

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks. id:...

CVE-2026-5792

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

CVE-2026-5792 Authentication Bypass in Related Digital's Related Marketing Cloud (RMC)

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

EUVD-2026-36486

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

CVE-2026-5792 Authentication Bypass in Related Digital's Related Marketing Cloud (RMC)

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

CVE-2026-5792

CVE-2026-5792 is described as an authentication bypass by spoofing vulnerability in Related Marketing Cloud (RMC) used by Hedef Media Promotion Interactive Media Marketing Inc. The issue affects RMC up to 12052026. The NVD entry provides a CVSS 3.1 base score of 6.5 (Network, Low attack complexit...

PT-2026-48918

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

WordPress MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 2.0.4 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Faizan Shaik in WordPress Plugin MailerPress versions = 2.0.4...

Company bragged phone mics could listen to conversations. They couldn&#8217;t.

A media company and two of its marketing partners have been fined for selling a service which, they said, listened in to people's conversations through their phones. Actually they did nothing of the sort. Most people have worried at some point that their phone has been listening to them through t...

VulnCheck KEV: CVE-2025-62481

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing...

VulnCheck KEV: CVE-2025-53072

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing...

CVE-2025-11762 HubSpot All-In-One Marketing - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure

The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.32 via the leadin/public/admin/class-adminconstants.php file. This makes it possible for authenticated attackers, with...

WordPress plugin HubSpot All-In-One Marketing - Forms, Popups, Live Chat 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Malicious code in marketing-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91700ba70a19e0997ef295cbc94c127a9febc336d696ae07b738dc2fbef8cab8 The package marketing-analytics was found to contain malicious code...

MAL-2026-2778 Malicious code in marketing-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91700ba70a19e0997ef295cbc94c127a9febc336d696ae07b738dc2fbef8cab8 The package marketing-analytics was found to contain malicious code...

CVE-2026-2263

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustlemoduleconverted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...

WordPress plugin Hustle 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-2263 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustlemoduleconverted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...

WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability

WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin = 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability discovered by Nguyen C in WordPress Plugin Hustle versions = 7.8.10.2...