CVE-2024-3641 Information

Description

The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some parameters which could allow unauthenticated visitors to perform Cross-Site Scripting attacks against admins

Reference

https://wpscan.com/vulnerability/f4047f1e-d5ea-425f-8def-76dd5e6a497e/