CVE-2025-30921

HIGH

Tribulant Software Newsletters <4.9.9.7 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-30921. PoCs published by DoTTak.

AI-analyzed exploit summary This PoC demonstrates an SQL Injection vulnerability in the WordPress Newsletters plugin (version <= 4.9.9.7) via the `history_id` parameter in an AJAX request. The exploit allows an attacker with administrator privileges to extract database information such as the database name and version.

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Software Newsletters newsletters-lite allows SQL Injection.This issue affects Newsletters: from n/a through <= 4.9.9.7.

Exploits (1)

nomisec WORKING POC 1 stars
by DoTTak · poc
https://github.com/DoTTak/CVE-2025-30921

This PoC demonstrates an SQL Injection vulnerability in the WordPress Newsletters plugin (version <= 4.9.9.7) via the `history_id` parameter in an AJAX request. The exploit allows an attacker with administrator privileges to extract database information such as the database name and version.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: WordPress Newsletters plugin <= 4.9.9.7
Auth required
Prerequisites: WordPress site with vulnerable Newsletters plugin installed · Administrator privileges
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.6
EPSS 0.0046
EPSS Percentile 36.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
Tribulant Software/Newsletters < 4.9.9.7
Published Mar 27, 2025
Tracked Since Feb 18, 2026