cleantalk
Vulnerabilities and Security Researches

Newsletters, CVE-2025-54035

CVE, Research URL

CVE-2025-54035

Home page URL

Security reports for Newsletters

Application

Newsletters

Published on
Jul 16, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross Site Request Forgery. This issue affects Newsletters: from n/a through 4.10.
Affected versions
Min -, max 4.11.
Status
vulnerable
Previous vulnerability researches
Newsletters (CVE-2024-37227) , Jun 24, 2024
Newsletters (CVE-2024-47346) , Oct 01, 2024
Newsletters (CVE-2024-7411) , Aug 16, 2024
Newsletters (CVE-2024-35718) , Jun 09, 2024
Newsletters (CVE-2024-13739) , Mar 23, 2025
New vulnerability
Wallet System for WooCommerce – Digital Wallet, Cashback Rewards, Recharge User Wallets, View Transaction History (CVE-2025-54041) , Jul 19, 2025
Chatbox Manager (CVE-2025-48167) , Jul 19, 2025
Zuppler Online Ordering (CVE-2025-6053) , Jul 19, 2025
Counter live visitors for WooCommerce (CVE-2025-7359) , Jul 19, 2025
AntiSpam for Contact Form 7 (CVE-2025-54020) , Jul 19, 2025