cleantalk
Vulnerabilities and Security Researches

weMail – Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin, CVE-2024-43238

CVE, Research URL

CVE-2024-43238

Home page URL

Security reports for weMail – Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin

Application

weMail – Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin

Published on
Aug 18, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through <= 1.14.5.
Affected versions
max 1.14.6.
Status
vulnerable
Previous vulnerability researches
weMail &#8211; Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin (CVE-2022-47150) , Jun 13, 2026
weMail &#8211; Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin (CVE-2026-8089) , Jun 20, 2026
weMail &#8211; Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin (CVE-2024-34822) , Jun 07, 2024
weMail &#8211; Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin (6a52473efb874076a39c4ea21209648e624cf1b4) , Jun 07, 2024
weMail &#8211; Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin (CVE-2025-47540) , May 09, 2025
New vulnerability
Listdom – Business Directory and Classified Ads Listings WordPress Plugin (CVE-2026-54819) , Jun 20, 2026
GIFT4U &#8211; Gift Cards All in One for Woo (CVE-2026-54809) , Jun 20, 2026
WP DSGVO Tools (GDPR) (CVE-2026-10034) , Jun 20, 2026
weMail &#8211; Email Marketing, Newsletter, Optin Forms, Subscribers WordPress Plugin (CVE-2026-8089) , Jun 20, 2026
Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder (CVE-2026-11777) , Jun 19, 2026