15 matches found
WordPress Newsletters <= 4.13 - Unauthenticated SQL Injection
Newsletters WordPress plugin = 4.13 contains a time-based SQL injection caused by insufficient escaping of the 'wpmlsubscriberid' parameter, letting unauthenticated attackers extract sensitive database information. id: CVE-2026-3018 info: name: WordPress Newsletters = 4.13 - Unauthenticated SQL...
CVE-2025-67911
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters-lite allows Object Injection.This issue affects Newsletters: from n/a through = 4.11...
CVE-2025-67911
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters-lite allows Object Injection.This issue affects Newsletters: from n/a through = 4.11...
CVE-2025-67911 WordPress Newsletters plugin <= 4.11 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters-lite allows Object Injection.This issue affects Newsletters: from n/a through = 4.11...
CVE-2025-67911
CVE-2025-67911 describes a Deserialization of Untrusted Data vulnerability in the Tribulant Software Newsletters newsletters-lite plugin. The WordPress/newsletters entry states unauthenticated Object Injection via deserialization, affecting Newsletters: from n/a through
PT-2026-1889
Name of the Vulnerable Software and Affected Versions Tribulant Software Newsletters versions prior to 4.11 Description An issue exists in Tribulant Software Newsletters newsletters-lite related to the deserialization of untrusted data, which allows for object injection. Recommendations Update to...
CVE-2025-69020
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Newsletters newsletters-lite allows Stored XSS.This issue affects Newsletters: from n/a through = 4.12...
CVE-2025-69020
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Newsletters newsletters-lite allows Stored XSS.This issue affects Newsletters: from n/a through = 4.12...
EUVD-2018-13523
Malware in sbrugna...
CVE-2018-20987
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...
CVE-2025-30921
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Software Newsletters newsletters-lite allows SQL Injection.This issue affects Newsletters: from n/a through = 4.9.9.7...
CVE-2018-20987
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...
Design/Logic Flaw
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...
CVE-2018-20987
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...
CVE-2018-20987
CVE-2018-20987 affects the Newsletters Lite WordPress plugin. The connected documents confirm a PHP object injection flaw in newsletters-lite before version 4.6.8.6, caused by an insecure deserialization condition in the plugin’s code path. This vulnerability can enable remote code execution or s...