Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.0.
History

Mon, 13 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 13 Jul 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Acymailing Newsletter Team
Acymailing Newsletter Team acymailing Smtp Newsletter
Wordpress
Wordpress wordpress
Vendors & Products Acymailing Newsletter Team
Acymailing Newsletter Team acymailing Smtp Newsletter
Wordpress
Wordpress wordpress

Mon, 13 Jul 2026 10:00:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.0.
Title WordPress AcyMailing SMTP Newsletter plugin <= 10.11.0 - SQL Injection vulnerability
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 9.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2026-07-13T08:41:24.999Z

Updated: 2026-07-13T14:23:53.401Z

Reserved: 2026-06-25T08:04:29.578Z

Link: CVE-2026-57739

cve-icon Vulnrichment

Updated: 2026-07-13T14:23:47.209Z

cve-icon NVD

No data.

cve-icon Redhat

No data.