CVE-2025-49871
CVE-2025-49871 is a stored XSS in the WordPress plugin Noptin (newsletter-optin-box) affecting versions up to 3.8.7. Public sources confirm improper neutralization of input during web page generation, enabling stored cross-site scripting. Multiple sources (NVD, Red Hat, CVE listings) consistently...