← Back

Aweber

aweber

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Aweber
aweber
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-13313
1Aweber
1Aweber
Jun 17, 2026
May 15, 2025
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The AWeber WordPress plugin through 7.3.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_...Show more
The AWeber WordPress plugin through 7.3.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less
CVE-2023-47757
1Aweber
1Aweber
Jun 17, 2026
Nov 17, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality N...Show more
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9.Show less