CVE-2025-10047 Email Tracker <= 5.3.15 - Authenticated (Admin+) SQL Injection

The Email Tracker – Email Log, Email Open Tracking, Email Analytics & Email Management for WordPress Emails plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 5.3.15 due to insufficient escaping on the user supplied parameter and...

WordPress Email Tracker Plugin <= 5.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Email Tracker Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c4e012d0abd Credits Rafie Muhammad Patchstack Required...

CVE-2021-44777 WordPress Email Tracker plugin <= 5.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion

Cross-Site Request Forgery CSRF vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin versions = 5.2.6...