cleantalk
Vulnerabilities and Security Researches

Hustle – Email Marketing, Lead Generation, Optins, Popups, CVE-2024-10580

CVE, Research URL

CVE-2024-10580

Home page URL

Security reports for Hustle – Email Marketing, Lead Generation, Optins, Popups

Application

Hustle – Email Marketing, Lead Generation, Optins, Popups

Published on
Nov 27, 2024
Research Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submit_form() function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to submit unpublished forms.
Affected versions
Min -, max 7.8.6.
Status
vulnerable
Previous vulnerability researches
Clever Addons for Elementor (CVE-2024-43324) , Aug 20, 2024
Clever Addons for Elementor (CVE-2024-10357) , Oct 27, 2024
Clever Addons for Elementor (CVE-2024-51580) , Nov 04, 2024
Clever Addons for Elementor (CVE-2024-2350) , Jun 07, 2024
Clever Addons for Elementor (CVE-2021-24273) , Jun 07, 2024
New vulnerability
Newsletter – Send awesome emails from WordPress (CVE-2025-3583) , May 07, 2025
Insert PHP Code Snippet (CVE-2024-43275) , May 07, 2025
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2024-38785) , May 07, 2025
Section Widget (CVE-2025-46537) , May 07, 2025
WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) (CVE-2024-3599) , May 07, 2025