cleantalk
Vulnerabilities and Security Researches

Newsletters, CVE-2025-69020

CVE, Research URL

CVE-2025-69020

Home page URL

Security reports for Newsletters

Application

Newsletters

Published on
Dec 30, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Stored XSS.This issue affects Newsletters: from n/a through <= 4.12.
Affected versions
max 4.12.
Status
vulnerable
Previous vulnerability researches
Newsletters (CVE-2024-37227) , Jun 24, 2024
Newsletters (CVE-2024-47346) , Oct 01, 2024
Newsletters (CVE-2024-7411) , Aug 16, 2024
Newsletters (CVE-2024-35718) , Jun 09, 2024
Newsletters (CVE-2024-13739) , Mar 23, 2025
New vulnerability
wpForo Forum (CVE-2026-49767) , Jun 12, 2026
Easy Image Collage (CVE-2026-9019) , Jun 12, 2026
Stop WP Emails Going to Spam (CVE-2023-33999) , Jun 12, 2026
Duplicate Post (CVE-2026-53738) , Jun 12, 2026
Schema &amp; Structured Data for WP &amp; AMP (CVE-2026-9067) , Jun 12, 2026