cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwordpress-popup wordpress-popup

Direction: descending
May 06, 2025

Hustle – Email Marketing, Lead Generation, Optins, Popups # CVE-2024-10580

CVE, Research URL

CVE-2024-10580

Home page URL

Security reports for Hustle – Email Marketing, Lead Generation, Optins, Popups

Application

Hustle – Email Marketing, Lead Generation, Optins, Popups

Date
Nov 27, 2024
Research Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submit_form() function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to submit unpublished forms.
Affected versions
Min -, max -.
Status
vulnerable
Nov 27, 2024

Hustle – Email Marketing, Lead Generation, Optins, Popups # CVE-2024-10579

CVE, Research URL

CVE-2024-10579

Home page URL

Security reports for Hustle – Email Marketing, Lead Generation, Optins, Popups

Application

Hustle – Email Marketing, Lead Generation, Optins, Popups

Date
Nov 26, 2024
Research Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the preview_module() function in all versions up to, and including, 7.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view unpublished forms.
Affected versions
Min -, max -.
Status
vulnerable
Oct 13, 2024

Hustle – Email Marketing, Lead Generation, Optins, Popups # CVE-2024-8492

CVE, Research URL

CVE-2024-8492

Home page URL

Security reports for Hustle – Email Marketing, Lead Generation, Optins, Popups

Application

Hustle – Email Marketing, Lead Generation, Optins, Popups

Date
-
Research Description
Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups [wordpress-popup] < 7.8.5 (closed) CVE-2024-8492
Affected versions
Min -, max -.
Status
vulnerable
Jun 07, 2024

Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups # CVE-2024-0368

CVE, Research URL

CVE-2024-0368

Home page URL

Security reports for Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups

Application

Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups

Date
Mar 13, 2024
Research Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.8.3 via hardcoded API Keys. This makes it possible for unauthenticated attackers to extract sensitive data including PII.
Affected versions
Min -, max -.
Status
vulnerable

Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups # CVE-2019-11872

CVE, Research URL

CVE-2019-11872

Home page URL

Security reports for Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups

Application

Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups

Date
May 30, 2019
Research Description
The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it allows for injecting malicious code into a pop-up window. Successful exploitation grants an attacker with a right to execute malicious code on the administrator's computer through Excel functions as the plugin does not sanitize the user's input and allows insertion of any text.
Affected versions
Min -, max -.
Status
vulnerable

Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups # CVE-2018-18576

CVE, Research URL

CVE-2018-18576

Home page URL

Security reports for Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups

Application

Hustle &#8211; Email Marketing, Lead Generation, Optins, Popups

Date
Mar 17, 2020
Research Description
The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI.
Affected versions
Min -, max -.
Status
vulnerable