cleantalk
Vulnerabilities and Security Researches

Email Subscription Popup, CVE-2024-27960

CVE, Research URL

CVE-2024-27960

Home page URL

Security reports for Email Subscription Popup

Application

Email Subscription Popup

Published on
Mar 17, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS.This issue affects Email Subscription Popup: from n/a through 1.2.20.
Affected versions
max 1.2.21.
Status
vulnerable
Previous vulnerability researches
Simple Email Subscriber (CVE-2025-27354) , Feb 27, 2025
Elastic Email Subscribe Form (CVE-2025-28985) , Jun 15, 2025
Email Subscription Popup (CVE-2025-49912) , Nov 10, 2025
Email Subscription Popup (CVE-2024-11195) , Nov 20, 2024
Email Subscription Popup (CVE-2023-6527) , Jun 07, 2024
New vulnerability
LLM Hubspot Blog Import (CVE-2025-11257) , Nov 11, 2025
AI ChatBot (CVE-2025-62952) , Nov 11, 2025
Pie Calendar (CVE-2025-62024) , Nov 11, 2025
Demo Import Kit (CVE-2025-10051) , Nov 11, 2025
Slider Templates (CVE-2025-62988) , Nov 11, 2025