CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46803 – WordPress Noptin Plugin <= 1.9.5 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-46803
27 Jan 2023 — Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin – Noptin.This issue affects Simple Newsletter Plugin – Noptin: from n/a through 1.9.5. Neutralización inadecuada de elementos de fórmula en una vulnerabilidad de CSV File en Noptin Newsletter Simple Newsletter Plugin – Noptin. Este problema afecta al Simple Newsletter Plugin – Noptin: desde n/a hasta 1.9.5. The Simple Newsletter Plugin – Noptin plugin for WordPress is vulnerable to CSV Injec... • https://patchstack.com/database/vulnerability/newsletter-optin-box/wordpress-simple-newsletter-plugin-noptin-plugin-1-9-5-unauth-csv-injection-vulnerability?_s_id=cve • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25033 – Noptin < 1.6.5 - Open Redirect
https://notcve.org/view.php?id=CVE-2021-25033
17 Jan 2022 — The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue El plugin WordPress Newsletter Plugin de WordPress versiones anteriores a 1.6.5, no comprueba el parámetro to antes de redirigir al usuario a su valor dado, conllevando a un problema de redireccionamiento abierto The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the ... • https://plugins.trac.wordpress.org/changeset/2639592 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •