cleantalk
Vulnerabilities and Security Researches

AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress, CVE-2025-24617

CVE, Research URL

CVE-2025-24617

Home page URL

Security reports for AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress

Application

AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress

Published on
Feb 14, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter allows Reflected XSS. This issue affects AcyMailing SMTP Newsletter: from n/a through n/a.
Affected versions
max 9.11.1.
Status
vulnerable
Previous vulnerability researches
AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress (CVE-2025-24617) , Feb 16, 2025
AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress (CVE-2024-7384) , Aug 23, 2024
AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress (CVE-2026-3614) , Apr 16, 2026
AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress (CVE-2023-41867) , Jun 06, 2024
AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress (CVE-2021-24288) , Jun 06, 2024
New vulnerability
WP YouTube Lyte (CVE-2026-3299) , Apr 16, 2026
WordPress Plugin for Google Maps – WP MAPS (CVE-2025-13364) , Apr 16, 2026
WordPress Plugin for Google Maps – WP MAPS (CVE-2026-39492) , Apr 16, 2026
Tutor LMS – eLearning and online course solution (CVE-2026-0548) , Apr 16, 2026
Tutor LMS – eLearning and online course solution (CVE-2026-40740) , Apr 16, 2026