| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|
| 2 | 2 | 0 | 11.4% | HIGH |
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|
| CVE-2025-47547 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter sendpulse-email-marketing-newsletter allows Stored XSS.This issue affects SendPulse Email Marketing Newsletter: from n/a through <= 2.1.6. | MEDIUM | 5.4 | — | 11.2% | May 7, 2025 | |
| CVE-2023-45274 | Cross-Site Request Forgery (CSRF) vulnerability in SendPulse SendPulse Free Web Push plugin <= 1.3.1 versions. | HIGH | 8.8 | — | 11.7% | Oct 16, 2023 | |