newspack-newsletters

2.13.3

SEMANTIC 2 CVEs

2.13.2

SEMANTIC 2 CVEs

CVE-2024-37242

Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through 2.13.2.

MEDIUM Jan 02, 2025

CVE-2024-37475

Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2.

MEDIUM Nov 01, 2024