Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:48 a.m.8 views

CVE-2024-30522

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...

5.3CVSS8.3AI score0.00494EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:21 a.m.29 views

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...

5.3CVSS5.3AI score0.00494EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 10:15 a.m.20 views

CVE-2024-31434

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

5.4CVSS5.5AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 9:28 a.m.66 views

CVE-2024-31434

Technical details for CVE-2024-31434 are not provided in the supplied documents. Monitor official advisories for affected Newsletter plugin versions up to 8.0.6 and vendor patches.

5.4CVSS5.2AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.15 views

PT-2024-24076 · Unknown · Stefano Lissa & The Newsletter Team Newsletter

Name of the Vulnerable Software and Affected Versions: Stefano Lissa & The Newsletter Team Newsletter versions n/a through 8.0.6 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

5.4CVSS6.7AI score0.00197EPSS
Exploits0References4
NVD
NVD
added 2024/03/29 2:15 p.m.15 views

CVE-2024-30430

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44...

5.9CVSS5.7AI score0.00356EPSS
Exploits0References1
CVE
CVE
added 2024/03/29 1:33 p.m.72 views

CVE-2024-30430

CVE-2024-30430 is a stored XSS in the WP Email Newsletter Team (FluentCRM) for FluentCRM, with exploitation possible via input not properly neutralized during web page generation. Affected: FluentCRM up to version 2.8.44. Root cause per Red Hat/other sources is improper input handling leading to ...

5.9CVSS8.6AI score0.00356EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/09/25 7:15 p.m.32 views

CVE-2023-41867

Unauth. Reflected Cross-Site Scripting XSS vulnerability in AcyMailing Newsletter Team AcyMailing plugin = 8.6.2 versions...

7.1CVSS6.2AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2023/09/25 6:41 p.m.66 views

CVE-2023-41867

CVE-2023-41867 affects the AcyMailing SMTP Newsletter WordPress plugin (AcyMailing) up to version 8.6.2. It is an unauthenticated, Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient input sanitization in how output is generated, enabling attacker-supplied code to be reflect...

7.1CVSS6AI score0.00331EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder