Vulnerabilities and security researches fornewsletter-optin-box newsletter-optin-box

Jun 06, 2024

CVE, Research URL: CVE-2022-46803
Home page URL: Security reports for Simple Newsletter Plugin – Noptin
Application: Simple Newsletter Plugin – Noptin
Date: Nov 07, 2023
Research Description: Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin – Noptin.This issue affects Simple Newsletter Plugin – Noptin: from n/a through 1.9.5.
Affected versions: max 1.10.0.
Status: vulnerable

CVE, Research URL: CVE-2021-25033
Home page URL: Security reports for Simple Newsletter Plugin – Noptin
Application: Simple Newsletter Plugin – Noptin
Date: Feb 14, 2022
Research Description: The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue
Affected versions: max 1.6.5.
Status: vulnerable

Jul 04, 2024

CVE, Research URL: CVE-2024-37456
Home page URL: Security reports for Simple Newsletter Plugin – Noptin
Application: Simple Newsletter Plugin – Noptin
Date: Nov 01, 2024
Research Description: Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2.
Affected versions: max 3.4.3.
Status: vulnerable

Jun 16, 2025

CVE, Research URL: CVE-2025-49871
Home page URL: Security reports for Simple Newsletter Plugin – Noptin
Application: Simple Newsletter Plugin – Noptin
Date: Jun 17, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Mutende Noptin allows Stored XSS. This issue affects Noptin: from n/a through 3.8.7.
Affected versions: max 4.0.0.
Status: vulnerable