CVE-2025-67999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

EUVD-2025-203555

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

CVE-2025-67999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

PT-2025-51443

Name of the Vulnerable Software and Affected Versions Stefano Lissa Newsletter versions through 9.0.9 Description A flaw exists in Stefano Lissa Newsletter that allows for Blind SQL Injection due to Improper Neutralization of Special Elements used in an SQL Command. This issue could potentially...

EUVD-2025-27397

Malicious code in bioql PyPI...

CVE-2025-58983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

CVE-2025-58983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

PT-2025-36804

Name of the Vulnerable Software and Affected Versions: Include Me versions through 1.3.2 Description: The software contains a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. Recommendations: Update Include Me t...

CVE-2024-31434

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

CVE-2024-30522

Technical details for CVE-2024-30522 are not provided in the connected documents. The public sources included here confirm basic description but no affected versions beyond 8.2.0; monitor for updates.

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...

CVE-2024-31434

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

CVE-2024-31434

Technical details for CVE-2024-31434 are not provided in the supplied documents. Monitor official advisories for affected Newsletter plugin versions up to 8.0.6 and vendor patches.

CVE-2024-31434 WordPress Newsletter plugin <= 8.0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

Wordpress Newsletter 3.2.6 Cross Site Scripting Vulnerability

Wordpress Newletter plugin version 3.2.6 suffers from a cross site scripting vulnerability. Wordpress Newsletter Plugin 3.2.6 alert Reflected XSS Vulnerability Vendor: Stefano Lissa Product web page: http://wordpress.org/extend/plugins/newsletter/ Affected version: 3.2.6 and bellow Summary:...

Wordpress Newsletter 3.2.6 Cross Site Scripting

Wordpress Newsletter Plugin 3.2.6 alert Reflected XSS Vulnerability Vendor: Stefano Lissa Product web page: http://wordpress.org/extend/plugins/newsletter/ Affected version: 3.2.6 and bellow Summary: Newsletter is the perfect WordPress plugin for creating real newsletters and mail marketing syste...