CVE-2025-10638

The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address...

CVE-2025-10638 NS Maintenance Mode for WP <= 1.3.1 - Unauthenticated Subscribers Export

The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address...

CVE-2025-10638

CVE-2025-10638 affects the NS Maintenance Mode for WP WordPress plugin (versions up to 1.3.1). The vulnerability enables unauthenticated attackers to access the subscriber export function and download a list of site subscribers, including their names and email addresses. The linked documents conf...

eCommerce-website-in-PHP 安全漏洞

eCommerce-website-in-PHP is a free and open source php e-commerce platform by scriptandtools individual developers. A security vulnerability exists in eCommerce-website-in-PHP version 3.0, which originates from an incorrect operation of the file /admin/subscriber-csv.php that results in informati...

WordPress popup-builder information disclosure vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Sygnoos Popup Builder is one of the popup plugins used in it. A vulnerability exists in WordPress popup-builder versions prior to 3.64....