cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches formailoptin mailoptin

Direction: ascending
Jun 07, 2024

Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin # CVE-2022-36340

CVE, Research URL

CVE-2022-36340

Home page URL

Security reports for Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin

Application

Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin

Date
Sep 24, 2022
Research Description
Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
Affected versions
Min -, max -.
Status
vulnerable

Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin # CVE-2023-23980

CVE, Research URL

CVE-2023-23980

Home page URL

Security reports for Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin

Application

Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin

Date
Apr 06, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MailOptin Popup Builder Team MailOptin plugin <= 1.2.54.0 versions.
Affected versions
Min -, max -.
Status
vulnerable
Sep 25, 2024

Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin # CVE-2024-8628

CVE, Research URL

CVE-2024-8628

Home page URL

Security reports for Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin

Application

Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin

Date
Sep 24, 2024
Research Description
The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-meta' shortcode in all versions up to, and including, 1.2.70.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable
Sep 05, 2025

Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin # CVE-2025-58596

CVE, Research URL

CVE-2025-58596

Home page URL

Security reports for Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin

Application

Popup, Optin Form &amp; Email Newsletters for Mailchimp, HubSpot, AWeber &#8211; MailOptin

Date
Sep 03, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in properfraction MailOptin allows Stored XSS. This issue affects MailOptin: from n/a through 1.2.75.0.
Affected versions
Min -, max -.
Status
vulnerable