Simple Newsletter Plugin – Noptin, CVE-2025-49871

CVE, Research URL: CVE-2025-49871
Home page URL: Security reports for Simple Newsletter Plugin – Noptin
Application: Simple Newsletter Plugin – Noptin
Published on: Jun 17, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Mutende Noptin allows Stored XSS. This issue affects Noptin: from n/a through 3.8.7.
Affected versions: max 4.0.0.
Status: vulnerable

Simple Newsletter Plugin &#8211; Noptin, CVE-2025-49871