VYPR

Newsmanapp

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-60164HigSep 26, 2025
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp newsmanapp allows Stored XSS.This issue affects NewsmanApp: from n/a through <= 2.7.7.

  • CVE-2024-11767MedDec 13, 2024
    risk 0.35cvss 6.4epss 0.00

    The NewsmanApp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'newsman_subscribe_widget' shortcode in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…