I13websolution Email_subscription_popup
5 CVEs affecting I13websolution Email_subscription_popup. Latest disclosed: 2024-11-19. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-27960 | High | 7.1 | 2024-03-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows S… |
CVE-2023-30489 | High | 7.1 | 2023-08-14 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions. |
CVE-2024-11195 | Medium | 6.4 | 2024-11-19 | The Email Subscription Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's print_email_subscribe_form shortcode in all ver… |
CVE-2023-6555 | Medium | 6.1 | 2024-01-08 | The Email Subscription Popup WordPress plugin before 1.2.20 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflec… |
CVE-2023-6527 | Medium | 6.1 | 2023-12-06 | The Email Subscription Popup plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the HTTP_REFERER header in all versions up to, and includ… |