Critical 9.8
2026-01-08< 4.12
CVE-2025-67911
Newsletters
Minimum safe version
4.13
Update to 4.13 or later to address 30 fixable vulnerabilities
Latest available4.13 ✓
Medium 6.5
2025-12-30< 4.13
CVE-2025-69020
High 7.5
2025-08-20< 4.11
CVE-2025-54034
Medium 4.3
2025-07-16< 4.11
CVE-2025-54035
High 7.2
2025-05-31< 4.10
Newsletters <= 4.9.9.9 - Authenticated (Administrator+) Local File Inclusion
Medium 6.5
2025-05-13< 4.9.9.9
Newsletters <= 4.9.9.8 - Authenticated (Contributor+) SQL Injection orderby Parameter
High 7.6
2025-03-27< 4.9.9.8
CVE-2025-30921
High 7.2
2025-03-26< 4.9.9.8
Newsletters <= 4.9.9.7 - Unauthenticated Stored Cross-Site Scripting
Medium 6.1
2025-03-22< 4.9.9.8
CVE-2024-13739
High 7.1
2025-02-04< 4.9.9.7
CVE-2025-24599
Medium 6.4
2024-10-29< 4.9.9.5
CVE-2024-10181
High 7.1
2024-10-06< 4.9.9.2
CVE-2024-47346
High 8.8
2024-09-06< 4.9.9.3
CVE-2024-8247
High 7.1
2024-08-18< 4.9.9
CVE-2024-43279
Medium 5.3
2024-08-15< 4.9.9.1
CVE-2024-7411
High 8.8
2024-06-21< 4.9.8
CVE-2024-37227
Medium 6.1
2024-06-08< 4.9.6
CVE-2024-35718
High 7.5
2024-04-24< 4.9.6
CVE-2024-32953
Critical 9.1
2024-04-24< 4.9.6
CVE-2024-32954
High 7.2
2024-01-16< 4.9.3
CVE-2023-4797
N/A
< 4.6.5
Tribulant Newsletters <= 4.6.4.2 – Multiple Vulnerabilities
Medium 5.4
2023-11-10< 4.9.9
CVE-2023-30478
N/A
2017-05-29< 4.6.4.3
Newsletters <= 4.6.4.2 - Directory Traversal
N/A
2017-05-29< 4.6.5.3
Newsletters <= 4.6.4.2 - Reflected Cross-Site Scripting
N/A
2017-05-29< 4.6.5
WordPress Tribulant Newsletters plugin <=4.6.4.2 - File Disclosure vulnerability
N/A
2017-05-29< 4.6.5
WordPress Tribulant Newsletters plugin <=4.6.4.2 - Cross-Site Scripting (XSS) vulnerabilities
N/A
2019-07-11< 4.6.18
WordPress Newsletter Lite plugin <= 4.6.16 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
Medium 5.4
2019-08-09< 4.6.19
CVE-2019-14787
High 8.8
2019-08-15< 4.6.19
CVE-2019-14788
Critical 9.8
2019-08-22< 4.6.8.6
CVE-2018-20987