PT-2025-24403 · WordPress · The Newsletter
Name of the Vulnerable Software and Affected Versions: The Newsletter WordPress plugin versions prior to 8.85 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and esca...