cleantalk
Vulnerabilities and Security Researches

Simple Newsletter Plugin – Noptin, CVE-2025-49871

CVE, Research URL

CVE-2025-49871

Home page URL

Security reports for Simple Newsletter Plugin – Noptin

Application

Simple Newsletter Plugin – Noptin

Published on
Jun 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Mutende Noptin allows Stored XSS. This issue affects Noptin: from n/a through 3.8.7.
Affected versions
Min -, max 4.0.0.
Status
vulnerable
Previous vulnerability researches
Wireless Butler (CVE-2025-26997) , Apr 15, 2025
New vulnerability
WP Edit (CVE-2025-53253) , Jul 01, 2025
Accept Authorize.NET Payments Using Contact Form 7 (CVE-2025-53322) , Jul 01, 2025
Owl carousel responsive (CVE-2025-5590) , Jul 01, 2025
App Builder – Create Native Android & iOS Apps On The Flight (CVE-2025-49989) , Jul 01, 2025
Sitekit (CVE-2025-50047) , Jul 01, 2025