Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

The Newsletter Team Security Vulnerabilities

cve
cve

CVE-2024-5674

The Newsletter - API v1 and v2 addon plugin for WordPress is vulnerable to unauthorized subscribers management due to PHP type juggling issue on the check_api_key function in all versions up to, and including, 2.4.5. This makes it possible for unauthenticated attackers to list, create or delete...

6.5CVSS

6.5AI Score

0.0005EPSS

2024-06-12 11:15 AM
30
cve
cve

CVE-2024-30522

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
30
cve
cve

CVE-2024-31434

Cross-Site Request Forgery (CSRF) vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through...

5.4CVSS

6.8AI Score

0.0004EPSS

2024-04-15 10:15 AM
25
cve
cve

CVE-2023-27922

Cross-site scripting vulnerability in Newsletter versions prior to 7.6.9 allows a remote unauthenticated attacker to inject an arbitrary...

6.1CVSS

6.1AI Score

0.003EPSS

2023-05-23 02:15 AM
31