Lucene search
K
I13websolutionEmail Subscription Popup*

4 matches found

CVE
CVE
added 2024/03/17 4:30 p.m.71 views

CVE-2024-27960

CVE-2024-27960 affects the Email Subscription Popup WordPress plugin (I Thirteen Web Solution) up to version 1.2.20. Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact per sources is low confidentiality/integrity impact with user interaction requi...

7.1CVSS8.6AI score0.00331EPSS
CVE
CVE
added 2023/12/06 4:32 a.m.69 views

CVE-2023-6527

Email Subscription Popup (WordPress plugin) is affected by a Reflected XSS via the HTTP_REFERER header in all versions up to 1.2.18 due to insufficient input sanitization and output escaping. Exploitation requires user interaction and unauthenticated access. Root cause: inadequate input handling ...

6.1CVSS6.2AI score0.00378EPSS
CVE
CVE
added 2024/11/19 11:2 a.m.50 views

CVE-2024-11195

The Email Subscription Popup plugin for WordPress (versions up to and including 1.2.22) is vulnerable to Stored Cross-Site Scripting via the print_email_subscribe_form shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. Authenticated attackers with co...

6.4CVSS5.7AI score0.0036EPSS
CVE
CVE
added 2024/01/08 7:0 p.m.42 views

CVE-2023-6555

CVE-2023-6555 affects the Email Subscription Popup WordPress plugin prior to 1.2.20. The vulnerability is a Reflected XSS caused by not sanitizing/escaping a parameter before echoing it back in the page, potentially exploitable against high-privilege users (e.g., admins). Public details in connec...

6.1CVSS6AI score0.00442EPSS
Web