CVE-2025-24587

HIGH

I Thirteen Web Solution Email Subscription Popup <1.2.23 - SQL Inje...

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-24587. PoCs published by DoTTak.

AI-analyzed exploit summary: This PoC demonstrates an SQL injection vulnerability in the WordPress 'Email Subscription Popup' plugin (version <= 1.2.23). The exploit involves subscribing a malicious email address containing an SQL payload, which executes when an administrator deletes the subscriber, resulting in the deletion of all subscriptions.

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection. This issue affects Email Subscription Popup: from n/a through <= 1.2.23.

Exploits (1)

nomisec · Working PoC · 1 star
by DoTTak · poc
https://github.com/DoTTak/CVE-2025-24587

Classification
Working PoC: 100%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: WordPress plugin 'Email Subscription Popup' <= 1.2.23
Authentication: no auth needed
Prerequisites: WordPress site with vulnerable plugin activated · Network access to the target
Analyzed by devstral-2 · Feb 16, 2026

Scores

CVSS v3: 7.6
EPSS: 0.3106
EPSS Percentile: 98.0%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial

Details

CWE: CWE-89
Status: published
Products (2):
I Thirteen Web Solution/Email Subscription Popup < 1.2.23
Nks/Email Subscription Popup < 1.2.23
Published: Jan 24, 2025
Tracked Since: Feb 18, 2026