Brevo – Email, SMS, Web Push, Chat, and more.

Vulnerabilities 12Slug mailinLatest version 3.3.4WordPress.org →

Minimum safe version

3.3.1

Update to 3.3.1 or later to address 12 fixable vulnerabilities

Latest available3.3.4 ✓

Medium 6.5

2026-02-18< 3.3.1

CVE-2025-14799

CVE Wordfence

Medium 4.3

2024-10-10< 3.1.88

CVE-2024-8477

CVE Wordfence Patchstack

High 8.8

2024-08-26< 3.1.83

CVE-2024-43287

CVE Patchstack Wordfence

Medium 6.1

2024-06-04< 3.1.78

CVE-2024-35668

CVE Patchstack Wordfence

N/A

2024-03-22< 3.1.78

Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) <= 3.1.77 - Reflected Cross-Site Scripting

Wordfence

Medium 6.1

2023-11-15< 3.1.61

WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Plugin < 3.1.61 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE WPScan

N/A

2023-05-11< 3.1.61

WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Plugin <= 3.1.60 is vulnerable to Cross Site Scripting (XSS)

Patchstack

N/A

2023-05-10< 3.1.61

Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue <= 3.1.60 - Reflected Cross-Site Scripting via 'lang'

Wordfence

N/A

2022-04-08< 3.1.40

Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue <= 3.1.39 - Cross-Site Scripting

Wordfence

N/A

2021-12-22< 3.1.25

WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue plugin <= 3.1.24 - Reflected Cross-Site Scripting (XSS) vulnerability

Patchstack

Medium 6.1

2022-01-24< 3.1.25

CVE-2021-24923

CVE Wordfence WPScan

Medium 6.1

2022-02-14< 3.1.31

CVE-2021-24874

CVE Patchstack Wordfence WPScan