Xyzscripts Newsletter Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Xyzscripts Newsletter Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-36727 — CVSS 9.8 (critical): The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions up to, and including, 1.5.1. This is due…
CVE-2012-6629 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote…
CVE-2012-6627 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows…
CVE-2012-6628 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to…