Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Constant Contact — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Constant Contact. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Constant Contact provides email marketing and digital campaign management services for small businesses. Historically, the platform has been susceptible to cross-site scripting (XSS) and remote code execution vulnerabilities, often through improper input validation and insecure API endpoints. While no major public security incidents have been widely documented, the six recorded CVEs highlight recurring issues in user input handling and access control. The platform's web-facing nature and integration with third-party services create potential attack surfaces, though the company has typically addressed vulnerabilities through timely patches. Security researchers have noted that while the vulnerabilities are generally low to medium severity, their prevalence in marketing platforms warrants regular security assessments.

Top products by Constant Contact: Creative Mail (WordPress plugin) Constant Contact Forms Constant Contact + WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2025-67580 WordPress Constant Contact + WooCommerce plugin <= 2.4.1 - Broken Access Control vulnerability — Constant Contact + WooCommerceCWE-862 5.3 Medium2025-12-09
CVE-2023-34387 WordPress Constant Contact Forms plugin <= 2.0.3 - Broken Access Control vulnerability — Constant Contact FormsCWE-862 4.3 Medium2024-12-13
CVE-2023-52208 WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure — Constant Contact FormsCWE-200 5.3 Medium2024-01-08
CVE-2022-44740 WordPress Creative Mail plugin <= 1.5.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — Creative Mail (WordPress plugin)CWE-352 5.4 Medium2022-11-18
CVE-2022-40687 WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability — Creative Mail (WordPress plugin)CWE-352 5.4 Medium2022-11-18
CVE-2022-40686 WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability — Creative Mail (WordPress plugin)CWE-352 5.4 Medium2022-11-18

This page lists every published CVE security advisory associated with Constant Contact. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.