Newsletters
Monthly
Unauthenticated PHP object injection in the Newsletters WordPress plugin before 4.15 lets remote attackers deserialize attacker-controlled data submitted through a public-facing form, then leverage a property-oriented gadget chain bundled inside the plugin itself to write arbitrary files and achieve remote code execution on the host. Publicly available exploit code exists (published via WPScan), though there is no public exploit identified as being used in active attacks and the flaw is not listed in CISA KEV. The self-contained gadget chain removes the usual dependency on third-party gadgets, making reliable exploitation notably more achievable than typical POI bugs.
Reflected cross-site scripting in the Tribulant Software Newsletters (newsletters-lite) WordPress plugin, affecting all versions up through 4.14, lets a remote attacker execute arbitrary JavaScript in a victim's browser when the victim is lured into clicking a crafted link. Reported by Patchstack and rated CVSS 7.1, the scope-changing flaw can lead to session/credential theft or actions performed as the targeted user, including administrators. There is no public exploit identified at time of analysis and it is not on CISA KEV.
Information disclosure in Pretix email template processing allows authenticated backend users to extract sensitive system data including database credentials and API keys through specially crafted placeholder syntax that bypasses existing validation controls. An attacker with email template editing permissions can leverage this vulnerability to access confidential configuration information from the system. A patch is available to address the ineffective placeholder sanitization mechanism.
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
The Newsletters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the "to" parameter in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's newsletters_video shortcode in all versions up to, and including, 4.9.9.4 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The Newsletters plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.9.9.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.9.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.9.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Unauthenticated PHP object injection in the Newsletters WordPress plugin before 4.15 lets remote attackers deserialize attacker-controlled data submitted through a public-facing form, then leverage a property-oriented gadget chain bundled inside the plugin itself to write arbitrary files and achieve remote code execution on the host. Publicly available exploit code exists (published via WPScan), though there is no public exploit identified as being used in active attacks and the flaw is not listed in CISA KEV. The self-contained gadget chain removes the usual dependency on third-party gadgets, making reliable exploitation notably more achievable than typical POI bugs.
Reflected cross-site scripting in the Tribulant Software Newsletters (newsletters-lite) WordPress plugin, affecting all versions up through 4.14, lets a remote attacker execute arbitrary JavaScript in a victim's browser when the victim is lured into clicking a crafted link. Reported by Patchstack and rated CVSS 7.1, the scope-changing flaw can lead to session/credential theft or actions performed as the targeted user, including administrators. There is no public exploit identified at time of analysis and it is not on CISA KEV.
Information disclosure in Pretix email template processing allows authenticated backend users to extract sensitive system data including database credentials and API keys through specially crafted placeholder syntax that bypasses existing validation controls. An attacker with email template editing permissions can leverage this vulnerability to access confidential configuration information from the system. A patch is available to address the ineffective placeholder sanitization mechanism.
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
The Newsletters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the "to" parameter in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's newsletters_video shortcode in all versions up to, and including, 4.9.9.4 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The Newsletters plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.9.9.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.9.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.9.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.