HIGH
Tribulant Software
CVE published 2026-07-13
CVE-2026-57394
CVE-2026-57394 is a Reflected Cross-Site Scripting (XSS) vulnerability in the Newsletters plugin for WordPress. The vulnerability affects versions up to and including 4.14. This issue allows attackers to inject malicious scripts into web pages, potentially leading to unauthorized actions or data exposure. The vulnerability has a CVSS score of 7.1, indicating a High severity level. Administrators and users [truncated]