cleantalk
Vulnerabilities and Security Researches

Arigato Autoresponder and Newsletter, CVE-2025-39594

CVE, Research URL

CVE-2025-39594

Home page URL

Security reports for Arigato Autoresponder and Newsletter

Application

Arigato Autoresponder and Newsletter

Published on
Apr 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Arigato Autoresponder and Newsletter allows Reflected XSS. This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.4.
Affected versions
Min -, max 2.7.2.5.
Status
vulnerable
Previous vulnerability researches
Arigato Autoresponder and Newsletter (CVE-2018-1002003) , Jun 07, 2024
Arigato Autoresponder and Newsletter (CVE-2018-1002005) , Jun 07, 2024
Arigato Autoresponder and Newsletter (CVE-2018-1002006) , Jun 07, 2024
Arigato Autoresponder and Newsletter (CVE-2018-1002007) , Jun 07, 2024
Arigato Autoresponder and Newsletter (CVE-2018-1002001) , Jun 07, 2024
New vulnerability
Temporarily Hidden Content (CVE-2025-7658) , Jul 21, 2025
Testimonial Post type (CVE-2025-5800) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7369) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7354) , Jul 21, 2025
Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-7697) , Jul 21, 2025