CVE-2025-49871 WordPress Noptin plugin <= 3.8.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noptin Newsletter Team Noptin newsletter-optin-box allows Stored XSS.This issue affects Noptin: from n/a through = 3.8.7...

WordPress Noptin Plugin <= 3.4.2 is vulnerable to Broken Access Control

Software Noptin Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37456 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 11706a81609d Credits Manab Jyoti Dowarah Required privilege...