9 matches found
CVE-2024-30522
Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...
CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...
CVE-2024-31434
Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...
CVE-2024-31434
Technical details for CVE-2024-31434 are not provided in the supplied documents. Monitor official advisories for affected Newsletter plugin versions up to 8.0.6 and vendor patches.
PT-2024-24076 · Unknown · Stefano Lissa & The Newsletter Team Newsletter
Name of the Vulnerable Software and Affected Versions: Stefano Lissa & The Newsletter Team Newsletter versions n/a through 8.0.6 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
CVE-2024-30430
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44...
CVE-2024-30430
CVE-2024-30430 is a stored XSS in the WP Email Newsletter Team (FluentCRM) for FluentCRM, with exploitation possible via input not properly neutralized during web page generation. Affected: FluentCRM up to version 2.8.44. Root cause per Red Hat/other sources is improper input handling leading to ...
CVE-2023-41867
Unauth. Reflected Cross-Site Scripting XSS vulnerability in AcyMailing Newsletter Team AcyMailing plugin = 8.6.2 versions...
CVE-2023-41867
CVE-2023-41867 affects the AcyMailing SMTP Newsletter WordPress plugin (AcyMailing) up to version 8.6.2. It is an unauthenticated, Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient input sanitization in how output is generated, enabling attacker-supplied code to be reflect...