CVE-2026-3018 | contrid Newsletters Plugin up to 4.13 on WordPress sql injection

June 10, 2026 Yanac

A vulnerability was found in contrid Newsletters Plugin up to 4.13 on WordPress and classified as critical. This affects an unknown function. Such manipulation leads to sql injection.

This vulnerability is documented as CVE-2026-3018. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-11852 | Debian debusine up to 0.14.5 permission
CVE-2025-6254 | AmentoTech Doctreat Core Plugin up to 1.6.8 on WordPress doctreat_process_registration privileges management