CVE-2024-30522
WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerabilityAuthentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0.
We have discovered 23,402 live websites that are affected by CVE-2024-30522.
Affected Software
| Product |  Newsletter |
| Category | Wordpress Plugins |
| Vulnerable Domains | 23,402 live websites (28% of Newsletter install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 299 versions ( 78% of all versions) |
Common Weakness Enumeration
CWE-290 Authentication Bypass by SpoofingDetails
- Published - May 17, 2024
- Updated - Aug 2, 2024
Credits
- Mika (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2024-30522 United States | 5,214 websites |
 Germany | 3,151 websites |
 Italy | 2,129 websites |
 France | 1,885 websites |
 Poland | 1,003 websites |
 GB | 843 websites |
 Spain | 573 websites |
 Russia | 483 websites |
 Netherlands | 449 websites |
 Brazil | 431 websites |
Website Distribution by TLD
Number of websites using CVE-2024-30522| .com | 8,820 websites |
| .de | 1,660 websites |
| .it | 1,452 websites |
| .org | 1,233 websites |
| .pl | 760 websites |
| .fr | 747 websites |
| .net | 490 websites |
| .co.uk | 420 websites |
| .eu | 391 websites |
| .com.br | 383 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-30522
Top websites that are affected by CVE-2024-30522. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **********.com | United States | *,*** | |
| *********.com | United States | *,*** | |
| **************.com | United States | **,*** | |
| ******.com | United States | **,*** | |
| **********.com | United States | **,*** | |
| ***************.com | United States | **,*** | |
| **********.com | United States | **,*** | |
| ***********.com |  Israel | **,*** | |
| ********.***.au |  Australia | **,*** | |
| **.ru | Russia | **,*** |
FAQ
CVE-2024-30522 is Authentication Bypass by Spoofing in Newsletter
A total of 23,402 websites have been identified as vulnerable to CVE-2024-30522, based on global website indexing conducted by WebTechSurvey.
The Newsletter is affected by the CVE-2024-30522 vulnerability.
Newsletter versions up to 8.2.1 are vulnerable to CVE-2024-30522.
CVE-2024-30522 is resolved in version 8.2.1 of Newsletter.