Vulnerabilities > Sendinblue > Newsletter Smtp Email Marketing AND Subscribe > 3.0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-05 | CVE-2023-2472 | Unspecified vulnerability in Sendinblue Newsletter, Smtp, Email Marketing and Subscribe The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.61 does not sanitise and escape a parameter before outputting it back in the admin dashboard when the WPML plugin is also active and configured, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 |