CVE-2024-8492
- EPSS 0.02%
- Veröffentlicht 15.05.2025 20:15:58
- Zuletzt bearbeitet 12.06.2025 15:46:49
The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
CVE-2024-10580
- EPSS 0.19%
- Veröffentlicht 27.11.2024 07:15:07
- Zuletzt bearbeitet 27.11.2024 07:15:07
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submit_form() function in all versions up to, and including, 7.8.5. This makes ...
CVE-2024-10579
- EPSS 0.13%
- Veröffentlicht 26.11.2024 11:21:58
- Zuletzt bearbeitet 26.11.2024 11:21:58
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the preview_module() function in all versions up to, and including, 7.8.5. This makes...
CVE-2024-0368
- EPSS 1.82%
- Veröffentlicht 13.03.2024 16:15:10
- Zuletzt bearbeitet 11.03.2025 16:51:23
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.8.3 via hardcoded API Keys. This makes it possible for unauthenticated attacker...