cleantalk
Vulnerabilities and Security Researches

Newsletter subscription optin module, CVE-2025-48308

CVE, Research URL

CVE-2025-48308

Home page URL

Security reports for Newsletter subscription optin module

Application

Newsletter subscription optin module

Published on
Aug 28, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in nonletter Newsletter subscription optin module allows Stored XSS. This issue affects Newsletter subscription optin module: from n/a through 1.2.9.
Affected versions
Min -, max 1.2.9.
Status
vulnerable
Previous vulnerability researches
Support Ticket System (CVE-2015-7670) , Jun 10, 2024
New vulnerability
OSM Map Widget for Elementor (CVE-2025-8619) , Aug 30, 2025
Simple Page Access Restriction (CVE-2025-58202) , Aug 30, 2025
Chartbeat (CVE-2025-53250) , Aug 30, 2025
Table Editor (CVE-2025-48310) , Aug 30, 2025
WP Thumbtack Review Slider (CVE-2025-58216) , Aug 30, 2025