Brevo Newsletter\,_smtp\,_email_marketing_and_subscribe
5 CVEs affecting Brevo Newsletter\,_smtp\,_email_marketing_and_subscribe. Latest disclosed: 2024-10-10. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-35668 | High | 7.1 | 2024-06-04 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscr… |
CVE-2023-2472 | Medium | 6.1 | 2023-06-05 | The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.61 does not sanitise and escape a parameter before outputti… |
CVE-2021-24874 | Medium | 6.1 | 2022-02-14 | The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.31 does not escape the lang and pid parameter before output… |
CVE-2021-24923 | Medium | 6.1 | 2022-01-24 | The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.25 does not escape the sib-statistics-date parameter before… |
CVE-2024-8477 | Medium | 4.3 | 2024-10-10 | The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… |