📦 Newsletters

The Newsletters plugin for WordPress contains a Local File Inclusion vulnerability that allows authenticated attackers with Administrator privileges to include and execute arbitrary PHP files on the s...

The Newsletters plugin for WordPress allows authenticated users with subscriber-level access or higher to escalate privileges to administrator by manipulating user meta through screen options. This af...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the Tribulant Newsletters WordPress plugin. When users view these pages, the scripts execute in their browse...

This vulnerability in the Newsletters WordPress plugin allows administrators to execute arbitrary SQL queries and shell commands on the server due to improper input escaping. It affects WordPress site...

This vulnerability allows unauthenticated attackers to inject malicious scripts via the 'to' parameter in the WordPress Newsletters plugin. When an administrator clicks a specially crafted link, the s...

The Newsletters plugin for WordPress has a stored XSS vulnerability in its newsletters_video shortcode. Authenticated attackers with contributor-level access or higher can inject malicious scripts tha...