Noptin < 1.6.5 - Open Redirect

Noptin 1.6.5 is susceptible to an open redirect vulnerability. The plugin does not validate the "to" parameter before redirecting the user to its given value, leading to an open redirect issue. id: CVE-2021-25033 info: name: Noptin 1.6.5 - Open Redirect author: dhiyaneshDk severity: medium...

EUVD-2024-36677

Malicious code in bioql PyPI...

EUVD-2025-28326

Malicious code in bioql PyPI...

EUVD-2022-49585

Malicious code in bioql PyPI...

CVE-2025-49871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noptin Newsletter Team Noptin newsletter-optin-box allows Stored XSS.This issue affects Noptin: from n/a through = 3.8.7...

CVE-2025-49871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noptin Newsletter Team Noptin newsletter-optin-box allows Stored XSS.This issue affects Noptin: from n/a through = 3.8.7...

CVE-2025-49871 WordPress Noptin plugin <= 3.8.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noptin Newsletter Team Noptin newsletter-optin-box allows Stored XSS.This issue affects Noptin: from n/a through = 3.8.7...

CVE-2025-49871 WordPress Noptin plugin <= 3.8.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brian Mutende Noptin allows Stored XSS. This issue affects Noptin: from n/a through 3.8.7...

CVE-2025-49871

CVE-2025-49871 is a stored XSS in the WordPress plugin Noptin (newsletter-optin-box) affecting versions up to 3.8.7. Public sources confirm improper neutralization of input during web page generation, enabling stored cross-site scripting. Multiple sources (NVD, Red Hat, CVE listings) consistently...

PT-2025-25727 · Noptin · Noptin

Name of the Vulnerable Software and Affected Versions: Noptin versions 3.8.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious...

WordPress plugin Noptin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

WordPress Noptin plugin <= 3.8.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by kmaron1n in WordPress Plugin Noptin versions = 3.8.7...

CVE-2024-37456

Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2...

CVE-2022-46803

Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin – Noptin.This issue affects Simple Newsletter Plugin – Noptin: from n/a through 1.9.5...

CVE-2024-37456

Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2...

CVE-2024-37456 WordPress Simple Newsletter Plugin – Noptin plugin <= 3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2...

CVE-2024-37456 WordPress Simple Newsletter Plugin – Noptin plugin <= 3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2...

CVE-2024-37456

CVE-2024-37456 pertains to the WordPress Simple Newsletter Plugin – Noptin. The connected sources confirm a Missing Authorization vulnerability where Noptin fails to constrain certain functionality via ACLs, allowing unauthorized access. Affected range is Noptin versions through 3.4.2 (and earlie...

PT-2024-27567 · Noptin · Noptin

Name of the Vulnerable Software and Affected Versions: Noptin versions through 3.4.2 Description: The issue is related to a Missing Authorization vulnerability in Noptin Newsletter, where functionality is not properly constrained by ACLs, allowing unauthorized access. Recommendations: For version...

WordPress plugin Noptin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...