Vulnerabilities and security researches forsendpulse-email-marketing-newsletter sendpulse-email-marketing-newsletter

Jan 11, 2026

CVE, Research URL: CVE-2025-67948
Home page URL: Security reports for SendPulse Email Marketing Newsletter
Application: SendPulse Email Marketing Newsletter
Date: Dec 16, 2025
Research Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in SendPulse SendPulse Email Marketing Newsletter sendpulse-email-marketing-newsletter allows Retrieve Embedded Sensitive Data.This issue affects SendPulse Email Marketing Newsletter: from n/a through <= 2.2.1.
Affected versions: max 2.2.1.
Status: vulnerable

May 09, 2025

CVE, Research URL: CVE-2025-47547
Home page URL: Security reports for SendPulse Email Marketing Newsletter
Application: SendPulse Email Marketing Newsletter
Date: May 07, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter allows Stored XSS. This issue affects SendPulse Email Marketing Newsletter: from n/a through 2.1.6.
Affected versions: max 2.1.7.
Status: vulnerable

Feb 05, 2025

CVE, Research URL: CVE-2025-22662
Home page URL: Security reports for SendPulse Email Marketing Newsletter
Application: SendPulse Email Marketing Newsletter
Date: Feb 04, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter allows Stored XSS. This issue affects SendPulse Email Marketing Newsletter: from n/a through 2.1.5.
Affected versions: max 2.1.6.
Status: vulnerable