Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 3:32 p.m.7 views

CVE-2020-35933

A Reflected Authenticated Cross-Site Scripting XSS vulnerability in the Newsletter plugin before 6.8.2 for WordPress allows remote attackers to trick a victim into submitting a tnpcrender AJAX request containing either JavaScript in an options parameter, or a base64-encoded JSON string containing...

6.5CVSS6AI score0.00121EPSS
Exploits1
Patchstack
Patchstackadded 2024/06/04 12:0 a.m.16 views

WordPress Newsletter Plugin <= 8.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Newsletter Type Plugin Vulnerable versions = 8.3.4 Fixed in 8.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5317 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a76e0f4cc75c Credits Arkadiusz Hydzik Requir...

6.4CVSS5.6AI score0.00532EPSS
Exploits0References3Affected Software1
Patchstack
Patchstackadded 2024/03/28 12:0 a.m.14 views

WordPress Newsletter Plugin <= 8.2.0 is vulnerable to Bypass Vulnerability

Software Newsletter Type Plugin Vulnerable versions = 8.2.0 Fixed in 8.2.1 OWASP Top 10 A6: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2024-30522 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3a2b06142955 Credits Mika Required privilege...

5.3CVSS6.5AI score0.00102EPSS
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2023/03/29 12:0 a.m.4 views

WordPress Newsletter Plugin <= 7.6.8 is vulnerable to Cross Site Scripting (XSS)

Software Newsletter Type Plugin Vulnerable versions = 7.6.8 Fixed in 7.6.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 78a41f715fc6 Credits Unknown Required privilege...

5.9AI score
Exploits0References2Affected Software1
OpenVAS
OpenVASadded 2020/08/04 12:0 a.m.21 views

WordPress Newsletter Plugin < 6.8.2 Multiple Vulnerabilities

The WordPress plugin Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

8.8CVSS6.9AI score0.0098EPSS
Exploits2References2
Zero Science Lab
Zero Science Labadded 2013/05/14 12:0 a.m.29 views

Wordpress Newsletter Plugin 3.2.6 (alert) Reflected XSS Vulnerability

Summary Newsletter is the perfect WordPress plugin for creating real newsletters and mail marketing system on your WordPress blog. Description The plugin suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'alert' GET parameter in the 'page.php' script...

6.1AI score
Exploits0
Rows per page
Query Builder