N/A
2026-03-03< 5.9.17
Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter
Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress
Minimum safe version
5.9.17
Update to 5.9.17 or later to address 48 fixable vulnerabilities
Latest available5.9.23 ✓
Medium 5.3
2025-12-12< 5.9.11
CVE-2025-12348
High 7.2
2025-11-21< 5.9.11
CVE-2025-66055
Medium 5.3
2025-11-19< 5.9.11
CVE-2025-12349
Medium 6.1
2025-04-25< 5.7.50
Email Subscribers & Newsletters <= 5.7.49 - Authenticated (Administrator+) Stored Cross-Site Scripting
Low 3.5
2025-04-17< 5.7.52
CVE-2024-11924
Medium 4.8
2025-01-13< 5.7.45
CVE-2024-11636
Medium 4.8
2025-01-13< 5.7.45
CVE-2024-12568
Medium 4.8
2025-01-13< 5.7.45
CVE-2024-12566
Medium 4.8
2025-01-13< 5.7.45
CVE-2024-12567
Medium 6.5
2025-01-06< 5.7.44
CVE-2024-12311
Medium 6.3
2024-10-02< 5.7.35
CVE-2024-8254
Medium 4.3
2024-09-26< 5.7.35
CVE-2024-8771
Medium 4.3
2024-07-17< 5.7.27
CVE-2024-5703
Critical 9.8
2024-07-02< 5.7.26
CVE-2024-6172
Critical 9.3
2024-06-26< 5.7.26
CVE-2024-37252
Critical 9.8
2024-06-21< 5.7.24
CVE-2024-5756
High 8.8
2024-06-12< 5.7.23
CVE-2024-4845
Critical 9.8
2024-06-05< 5.7.21
CVE-2024-4295
Medium 4.3
2024-05-23< 5.7.18
CVE-2024-3626
High 8.8
2024-05-15< 5.7.20
CVE-2024-4010
Critical 9.8
2024-05-02< 5.7.15
CVE-2024-2876
Critical 9.8
2024-06-09< 5.7.14
CVE-2024-31352
Medium 4.4
2024-04-06< 5.7.16
CVE-2024-2656
High 7.1
2024-03-27< 5.7.12
CVE-2024-22300
High 7.2
2023-10-20< 5.6.24
CVE-2023-5414
Medium 6.1
2023-11-07< 5.5.3
CVE-2022-45810
N/A
2015-08-10< 2.9.1
Email Subscribers & Newsletters < 2.9.1 - Cross-Site Scripting
N/A
< 2.9.1
Email Subscribers & Newsletters < 2.9.1 - Multiple XSS & SQLi
N/A
< 5.3.2
Email Subscribers & Newsletters < 5.3.2 - Unauthenticated arbitrary option update
High 8.8
2022-12-12< 5.5.1
CVE-2022-3981
N/A
2015-08-10< 2.9.1
WordPress Email Subscribers Plugin <= 2.9 - Multiple Vulnerabilities
N/A
2019-11-13< 4.2.3
WordPress Email Subscribers & Newsletters plugin <=4.2.2 - Multiple security issues
N/A
2020-09-10< 4.5.6
WordPress Email Subscribers & Newsletters plugin <= 4.5.5 - Unauthenticated email forgery/spoofing vulnerability
High 7.5
2018-01-26< 3.4.8
CVE-2018-6015
Medium 6.1
2018-06-26< 3.5.0
CVE-2018-0602
Critical 9.8
2019-07-22< 4.1.8
Email Subscribers & Newsletters <= 4.1.7 - SQL Injection
Medium 6.1
2019-08-14< 4.1.7
WordPress Email Subscribers & Newsletters plugin <= 4.1.6 - Cross-Site Scripting (XSS) vulnerability
Medium 5.3
2019-12-26< 4.2.3
CVE-2019-19985
Medium 6.3
2019-12-26< 4.2.3
CVE-2019-19984
Medium 5.3
2019-12-26< 4.2.3
CVE-2019-19982
Medium 4.3
2019-12-26< 4.2.3
CVE-2019-19980
Medium 5.4
2019-12-26< 4.2.3
CVE-2019-19981
Critical 9.8
2020-01-08< 4.3.1
CVE-2019-20361
Medium 4.9
2020-07-17< 4.5.1
CVE-2020-5768
Medium 6.5
2020-07-17< 4.5.1
CVE-2020-5767
Medium 5.3
2020-09-10< 4.5.6
CVE-2020-5780
High 8.8
2022-03-07< 5.3.2
CVE-2022-0439