Vulnerabilities > Tribulant > Newsletters > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-08 | CVE-2024-35718 | Cross-site Scripting vulnerability in Tribulant Newsletters Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.5. | 6.1 |
| 2019-08-09 | CVE-2019-14787 | Cross-site Scripting vulnerability in Tribulant Newsletters The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. | 5.4 |