cleantalk
Vulnerabilities and Security Researches

Elastic Email Subscribe Form, CVE-2025-28985

CVE, Research URL

CVE-2025-28985

Home page URL

Security reports for Elastic Email Subscribe Form

Application

Elastic Email Subscribe Form

Published on
Jun 06, 2025
Research Description
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elastic Email Subscribe Form: from n/a through 1.2.2.
Affected versions
max 1.2.2.
Status
vulnerable
Previous vulnerability researches
Simple Email Subscriber (CVE-2025-27354) , Feb 27, 2025
Elastic Email Subscribe Form (CVE-2025-28985) , Jun 15, 2025
Email Subscription Popup (CVE-2025-49912) , Nov 10, 2025
Email Subscription Popup (CVE-2024-11195) , Nov 20, 2024
Email Subscription Popup (CVE-2023-6527) , Jun 07, 2024
New vulnerability
WP jQuery Pager (CVE-2025-10575) , Nov 11, 2025
DELUCKS SEO (CVE-2025-49376) , Nov 11, 2025
B Carousel Block – Create stunning responsive carousels effortlessly (CVE-2025-12388) , Nov 11, 2025
Stock Snapshot for WooCommerce (CVE-2025-10167) , Nov 11, 2025
YourMembership Single Sign On – YM SSO Login (CVE-2025-10648) , Nov 11, 2025