Newsletter Plugin For Joomla In The Enterprise Version
Approved changes feed: RSS · Atom
cpe:2.3:a:acymailing:newsletter_plugin_for_joomla_in_the_enterprise_version:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Acymailing (e793a6e6-12d0-5a45-ac63-062287209ca7) |
|---|---|
| Product | Newsletter Plugin For Joomla In The Enterprise Version (f391a256-f3bd-5c12-a7fd-8d3441267549) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-28733 |
vulnerable | 2026-06-03 14:51:13.387536 |
Stored XSS affecting the AcyMailing plugin for Joomla
HIGH (7.2)
AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
Published: 2023-03-30T11:27:40.884Z
Updated: 2025-02-11T19:17:17.402Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28731 |
vulnerable | 2026-06-03 14:51:13.383281 |
Unauthenticated RCE affecting the AcyMailing plugin for Joomla
CRITICAL (9.8)
AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
Published: 2023-03-30T11:25:36.854Z
Updated: 2025-02-11T20:11:00.208Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.