CVE-2025-66128

Publication date

2025-12-16 08:12:53

Family

Patchstack

State

PUBLISHED

Description

Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.