CVE-2024-8492
- EPSS 0.02%
- Published 15.05.2025 20:15:58
- Last modified 12.06.2025 15:46:49
The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
CVE-2024-10580
- EPSS 0.19%
- Published 27.11.2024 07:15:07
- Last modified 27.11.2024 07:15:07
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submit_form() function in all versions up to, and including, 7.8.5. This makes ...
CVE-2024-10579
- EPSS 0.13%
- Published 26.11.2024 11:21:58
- Last modified 26.11.2024 11:21:58
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the preview_module() function in all versions up to, and including, 7.8.5. This makes...
CVE-2024-0368
- EPSS 1.82%
- Published 13.03.2024 16:15:10
- Last modified 11.03.2025 16:51:23
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.8.3 via hardcoded API Keys. This makes it possible for unauthenticated attacker...