Email Subscription Popup@* Security Vulnerabilities and Issues — Email Subscription Popup@* CVE List

Lucene search

I13websolutionEmail Subscription Popup*

3 matches found

CVE•added 2024/03/17 5:15 p.m.•62 views

CVE-2024-27960

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS.This issue affects Email Subscription Popup: from n/a through 1.2.20.

7.1CVSS7AI score0.00056EPSS

CVE•added 2024/11/19 11:15 a.m.•40 views

CVE-2024-11195

The Email Subscription Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's print_email_subscribe_form shortcode in all versions up to, and including, 1.2.22 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it pos...

6.4CVSS5.7AI score0.00058EPSS

CVE•added 2024/01/08 7:15 p.m.•30 views

CVE-2023-6555

The Email Subscription Popup WordPress plugin before 1.2.20 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

6.1CVSS6AI score0.00312EPSS