59 matches found
Popup Builder Plugin - SQL Injection and Cross-Site Scripting
The Popup Builder WordPress plugin before 4.1.1 is vulnerable to SQL Injection and Reflected XSS via the sgpb-subscription-popup-id parameter. id: CVE-2022-0479 info: name: Popup Builder Plugin - SQL Injection and Cross-Site Scripting author: ritikchaddha severity: critical description: | The Pop...
CVE-2025-49912
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nks Email Subscription Popup email-subscribe allows Stored XSS.This issue affects Email Subscription Popup: from n/a through = 1.2.26...
EUVD-2025-35543
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nks Email Subscription Popup email-subscribe allows Stored XSS.This issue affects Email Subscription Popup: from n/a through = 1.2.26...
CVE-2025-49912
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nks Email Subscription Popup email-subscribe allows Stored XSS.This issue affects Email Subscription Popup: from n/a through = 1.2.26...
CVE-2025-49912 WordPress Email Subscription Popup plugin <= 1.2.26 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nks Email Subscription Popup email-subscribe allows Stored XSS.This issue affects Email Subscription Popup: from n/a through = 1.2.26...
CVE-2025-49912 WordPress Email Subscription Popup plugin <= 1.2.26 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nks Email Subscription Popup email-subscribe allows Stored XSS.This issue affects Email Subscription Popup: from n/a through = 1.2.26...
WordPress Email Subscription Popup plugin <= 1.2.26 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Kim YunJi in WordPress Plugin Email Subscription Popup versions = 1.2.26...
WordPress plugin Nks Email Subscription Popup Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-43179
Name of the Vulnerable Software and Affected Versions Nks Email Subscription Popup versions through 1.2.26 Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scrip...
EUVD-2024-33753
Malicious code in bioql PyPI...
EUVD-2023-34904
Malicious code in bioql PyPI...
EUVD-2023-58784
Malicious code in bioql PyPI...
EUVD-2023-58758
Malicious code in bioql PyPI...
EUVD-2024-25134
Malicious code in bioql PyPI...
CVE-2024-11195
The Email Subscription Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's printemailsubscribeform shortcode in all versions up to, and including, 1.2.22 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2023-30489
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Email Subscription Popup plugin = 1.2.16 versions...
CVE-2025-24587
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection.This issue affects Email Subscription Popup: from n/a through = 1.2.23...
CVE-2024-27960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS.This issue affects Email Subscription Popup: from n/a through 1.2.20...
Exploit for CVE-2025-24587
CVE-2025-24587 1️⃣ Component type WordPress plugin 2️⃣ ...
CVE-2025-24587
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection.This issue affects Email Subscription Popup: from n/a through = 1.2.23...