Skip to main content

Siteground Email Marketing

1 CVEs product

Monthly

CVE-2026-57416 HIGH This Week

Stored cross-site scripting in the SiteGround Email Marketing WordPress plugin (versions up to and including 1.7.5) lets attackers persist malicious JavaScript that executes in the context of a victim's browser when the affected page is rendered. Reported by Patchstack with a CVSS 3.1 base score of 7.1 and a scope-changed impact, the flaw carries no public exploit identified at time of analysis and is not listed in CISA KEV. Because the injected payload is stored server-side, it can strike any user - including administrators - who later loads the tainted content.

XSS Siteground Email Marketing
NVD
CVSS 3.1
7.1
EPSS
0.3%
EPSS 0% CVSS 7.1
HIGH This Week

Stored cross-site scripting in the SiteGround Email Marketing WordPress plugin (versions up to and including 1.7.5) lets attackers persist malicious JavaScript that executes in the context of a victim's browser when the affected page is rendered. Reported by Patchstack with a CVSS 3.1 base score of 7.1 and a scope-changed impact, the flaw carries no public exploit identified at time of analysis and is not listed in CISA KEV. Because the injected payload is stored server-side, it can strike any user - including administrators - who later loads the tainted content.

XSS Siteground Email Marketing
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy