CVE-2025-67999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

EUVD-2025-203555

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

CVE-2025-67999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...

PT-2025-51443

Name of the Vulnerable Software and Affected Versions Stefano Lissa Newsletter versions through 9.0.9 Description A flaw exists in Stefano Lissa Newsletter that allows for Blind SQL Injection due to Improper Neutralization of Special Elements used in an SQL Command. This issue could potentially...

EUVD-2025-27397

Malicious code in bioql PyPI...

CVE-2025-58983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

CVE-2025-58983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

PT-2025-36804

Name of the Vulnerable Software and Affected Versions: Include Me versions through 1.3.2 Description: The software contains a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. Recommendations: Update Include Me t...

CVE-2024-31434

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

CVE-2024-30522

Technical details for CVE-2024-30522 are not provided in the connected documents. The public sources included here confirm basic description but no affected versions beyond 8.2.0; monitor for updates.

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...

CVE-2024-31434

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

CVE-2024-31434 WordPress Newsletter plugin <= 8.0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6...

CVE-2024-31434

Technical details for CVE-2024-31434 are not provided in the supplied documents. Monitor official advisories for affected Newsletter plugin versions up to 8.0.6 and vendor patches.

Wordpress Newsletter 3.2.6 Cross Site Scripting Vulnerability

Wordpress Newletter plugin version 3.2.6 suffers from a cross site scripting vulnerability. Wordpress Newsletter Plugin 3.2.6 alert Reflected XSS Vulnerability Vendor: Stefano Lissa Product web page: http://wordpress.org/extend/plugins/newsletter/ Affected version: 3.2.6 and bellow Summary:...

Wordpress Newsletter 3.2.6 Cross Site Scripting

Wordpress Newsletter Plugin 3.2.6 alert Reflected XSS Vulnerability Vendor: Stefano Lissa Product web page: http://wordpress.org/extend/plugins/newsletter/ Affected version: 3.2.6 and bellow Summary: Newsletter is the perfect WordPress plugin for creating real newsletters and mail marketing syste...