Mail Subscribe List < 2.1 – Stored XSS | CVE 2013-10026

Affects Plugins

mail-subscribe-list

Fixed in 2.1

References

CVE

CVE-2013-10026

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

5.4 (medium)

Miscellaneous

Original Researcher

Falcoz Kevin

Verified

No

WPVDB ID

40b1b8ca-5d24-4b1a-8452-12067c950625

Timeline

Publicly Published

2014-08-01 (about 11 years ago)

Added

2014-08-01 (about 11 years ago)

Last Updated

2023-05-03 (about 2 years ago)

Other

Published

Title

Published

2024-12-14

Title

Responsive Google Maps | by imbaa < 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-10-02

Title

Dreamfox Media Payment gateway per Product for Woocommerce < 3.2.8 - Reflected XSS

Published

2025-03-28

Title

Unlimited < 1.46 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-04-03

Title

Simple Banner < 3.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2023-11-14

Title

Permalinks Customizer <= 2.8.2 - Reflected Cross-Site Scripting