CVE-2025-48308

Cross-Site Request Forgery CSRF vulnerability in nonletter Newsletter subscription optin module newsletter-subscription-widget-for-sendblaster allows Stored XSS.This issue affects Newsletter subscription optin module: from n/a through = 1.2.9...

CVE-2025-48308

Cross-Site Request Forgery CSRF vulnerability in nonletter Newsletter subscription optin module newsletter-subscription-widget-for-sendblaster allows Stored XSS.This issue affects Newsletter subscription optin module: from n/a through = 1.2.9...

CVE-2025-48308

CVE-2025-48308 discusses a CSRF vulnerability in the Newsletter subscription optin module (versions up to 1.2.9) that can lead to Stored XSS. Affected software: Newsletter subscription optin module. Root cause: CSRF enabling stored XSS. Impact per sources: potential for stored XSS with low to mod...

PT-2025-34997

Name of the Vulnerable Software and Affected Versions: nonletter Newsletter subscription optin module versions through 1.2.9 Description: A Cross-Site Request Forgery CSRF vulnerability exists in the Newsletter subscription optin module, which also allows for Stored Cross-Site Scripting XSS...

WordPress plugin newsletter subscription optin module cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...