VYPR

Woocommerce Sendinblue Newsletter Subscription

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-32807HigMay 6, 2024
    risk 0.55cvss 8.5epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brevo Sendinblue for WooCommerce allows Relative Path Traversal, Manipulating Web Input to File System Calls.This issue affects Sendinblue for WooCommerce: from n/a through 4.0.17.

  • CVE-2025-66128MedDec 16, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.