cleantalk
Vulnerabilities and Security Researches

Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue), CVE-2025-14799

CVE, Research URL

CVE-2025-14799

Home page URL

Security reports for Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue)

Application

Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue)

Published on
Feb 18, 2026
Research Description
The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use of loose comparison (==) instead of strict comparison (===) when validating the installation ID in the `/wp-json/mailin/v1/mailin_disconnect` REST API endpoint. This makes it possible for unauthenticated attackers to disconnect the Brevo integration, delete the API key, remove all subscription forms, and reset plugin settings by sending a boolean `true` value for the `id` parameter, which bypasses the authorization check through PHP type juggling.
Affected versions
max 3.3.1.
Status
vulnerable
Previous vulnerability researches
Mailing Group Listserv (CVE-2025-46463) , May 05, 2025
Mailing Group Listserv (CVE-2025-22595) , Jan 11, 2025
Mailing Group Listserv (CVE-2025-22527) , Jan 11, 2025
Mailing Group Listserv (CVE-2025-50036) , Jun 23, 2025
SMTP Mailing Queue (CVE-2023-1090) , Jun 07, 2024
New vulnerability
SiteGuard WP Plugin (CVE-2026-27411) , Mar 29, 2026
Visual Portfolio, Photo Gallery & Post Grid (CVE-2026-32537) , Mar 29, 2026
StatCounter – Free Real Time Visitor Stats (CVE-2025-13048) , Mar 29, 2026
TeraWallet – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds (CVE-2026-32398) , Mar 29, 2026
Activity Log WinterLock (CVE-2026-24987) , Mar 29, 2026