Cross-Site Scripting Vulnerability in MailOptin by Properfraction
CVE-2025-58596

5.9MEDIUM

Key Information:

Vendor: WordPress
Status: Mailoptin
Vendor: CVE Published:; 3 September 2025

What is CVE-2025-58596?

An input validation issue has been identified in MailOptin, developed by Properfraction, allowing for stored Cross-site Scripting (XSS) attacks. This vulnerability enables malicious users to inject and execute harmful scripts in the context of the user's session, which can lead to unauthorized data access or compromise of user information. The affected versions of MailOptin pose a significant risk, making it critical for users to update to secure versions to mitigate potential threats.

Affected Version(s)

MailOptin <= 1.2.75.0

References

https://patchstack.com/database/wordpress/plugin/mailopti...

vdb-entry

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Sep 3, 2025

Credit

Fiqro Najiah (Patchstack Alliance)