Elastic Email Sender

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2025-28985	Elastic Email Sender Elastic Email Sender	Med	0.35	5.4	Jun 6, 2025	Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through <= 1.2.2.
CVE-2025-66525	Elastic Email Sender Elastic Email Sender	Med	0.28	4.3	Dec 9, 2025	Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through <= 1.2.20.
CVE-2023-38387	Elastic Email Sender Elastic Email Sender		0.00	—	Sep 3, 2023	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <= 1.2.6 versions.

CVE-2025-28985MedJun 6, 2025
Elastic Email Sender
Elastic Email Sender
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through <= 1.2.2.
CVE-2025-66525MedDec 9, 2025
Elastic Email Sender
Elastic Email Sender
risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through <= 1.2.20.
CVE-2023-38387Sep 3, 2023
Elastic Email Sender
Elastic Email Sender
risk 0.00cvss —epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <= 1.2.6 versions.