WordPress Plugin Vulnerabilities

st_newsletter - Remote SQL Injection

Description

The st_newsletter WordPress plugin was affected by a Remote SQL Injection security vulnerability.

Affects Plugins

Plugin icon
st_newsletter
No known fix

References

CVE
CVE-2008-0683
Exploitdb
5053

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
628880e2-910c-4dc7-9872-ea48dffc161a

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-11-28 (about 6 years ago)

Other

Published
Title
Published
2025-05-12
Title
ProfileGrid < 5.9.5.1 - Authenticated (Subscriber+) SQL Injection
Published
2015-07-16
Title
Plugmatter Optin Feature Box <= 2.0.13 - Unauthenticated Blind SQL Injection
Published
2020-11-12
Title
Good LMS < 2.1.5 - Unauthenticated SQL Injection
Published
2022-03-23
Title
Daily Prayer Time < 2022.03.01 - Unauthenticated SQLi
Published
2022-02-11
Title
Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection