cleantalk
Vulnerabilities and Security Researches

Hustle – Email Marketing, Lead Generation, Optins, Popups, CVE-2024-10580

CVE, Research URL

CVE-2024-10580

Home page URL

Security reports for Hustle – Email Marketing, Lead Generation, Optins, Popups

Application

Hustle – Email Marketing, Lead Generation, Optins, Popups

Published on
Nov 27, 2024
Research Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submit_form() function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to submit unpublished forms.
Affected versions
Min -, max 7.8.6.
Status
vulnerable
Previous vulnerability researches
Theme File Duplicator (CVE-2025-27283) , Feb 27, 2025
Theme File Duplicator (CVE-2025-27282) , Mar 05, 2025
New vulnerability
TablePress – Tables in WordPress made easy (CVE-2024-45293) , May 07, 2025
Newsletter – Send awesome emails from WordPress (CVE-2025-3583) , May 07, 2025
Insert PHP Code Snippet (CVE-2024-43275) , May 07, 2025
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2024-38785) , May 07, 2025
Section Widget (CVE-2025-46537) , May 07, 2025