Security Risk Category
acymailing Security Risks
Published vulnerability pages connected to acymailing. One risk can appear in multiple categories while keeping one canonical page.
acymailing risks
Showing 2 of 2 published risks.
AcyMailing WordPress Plugin Stored Cross-Site Scripting Vulnerability
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' attribute in all versions up to, and including, 10.10.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Updated Jul 10, 2026
AcyMailing Joomla Component SQL Injection Vulnerability
A SQLi vulnerability in AcyMailing component < 10.11.1 for Joomla was discovered. Exploiting this flaw can lead to unauthorized database access and data leakage.
Updated Jul 10, 2026
