cleantalk
Vulnerabilities and Security Researches

Email Subscription Popup, CVE-2025-49912

CVE, Research URL

CVE-2025-49912

Home page URL

Security reports for Email Subscription Popup

Application

Email Subscription Popup

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nks Email Subscription Popup email-subscribe allows Stored XSS.This issue affects Email Subscription Popup: from n/a through <= 1.2.26.
Affected versions
max 1.2.26.
Status
vulnerable
Previous vulnerability researches
wpForo Forum (CVE-2019-19109) , Jun 06, 2024
wpForo Forum (CVE-2022-40205) , Jun 06, 2024
wpForo Forum (CVE-2021-24406) , Jun 06, 2024
wpForo Forum (CVE-2022-38144) , Jun 06, 2024
wpForo Forum (CVE-2019-19112) , Jun 06, 2024
New vulnerability
Likert Survey Master (CVE-2025-53426) , Nov 10, 2025
Uji Countdown (CVE-2025-52749) , Nov 10, 2025
Selling Commander for WooCommerce &#8211; connector plugin (CVE-2025-60243) , Nov 10, 2025
Image Gallery block &#8211; Create and display photo gallery/photo album. (CVE-2025-49394) , Nov 10, 2025
RioVizual &#8211; WordPress Gutenberg Table Blocks Plugin (CVE-2025-62932) , Nov 10, 2025