cleantalk
Vulnerabilities and Security Researches

Simple Newsletter Plugin – Noptin, CVE-2021-25033

CVE, Research URL

CVE-2021-25033

Home page URL

Security reports for Simple Newsletter Plugin – Noptin

Application

Simple Newsletter Plugin – Noptin

Published on
Feb 14, 2022
Research Description
The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue
Affected versions
Min -, max 1.6.5.
Status
vulnerable
Previous vulnerability researches
Simple Newsletter Plugin – Noptin (CVE-2024-37456) , Jul 04, 2024
Simple Newsletter Plugin – Noptin (CVE-2025-49871) , Jun 16, 2025
Simple Newsletter Plugin – Noptin (CVE-2022-46803) , Jun 06, 2024
Simple Newsletter Plugin – Noptin (CVE-2021-25033) , Jun 06, 2024
New vulnerability
DIOT SCADA with MQTT (CVE-2025-4216) , Jun 16, 2025
Simple Newsletter Plugin – Noptin (CVE-2025-49871) , Jun 16, 2025
Job Board Manager (CVE-2025-49324) , Jun 16, 2025
Bitly URL Shortener (CVE-2025-30629) , Jun 16, 2025
ACF Onyx Poll (CVE-2025-5841) , Jun 16, 2025