Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
supsystic popup vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-0424
The Popup by Supsystic WordPress plugin prior to 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated malicious users to call it and get the email addresses of subscribed users
Supsystic Popup
8.8
CVSSv3
CVE-2016-10915
The popup-by-supsystic plugin prior to 1.7.9 for WordPress has CSRF.
Supsystic Popup
6.1
CVSSv3
CVE-2021-24275
The Popup by Supsystic WordPress plugin prior to 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Supsystic Popup
9.8
CVSSv3
CVE-2023-3186
The Popup by Supsystic WordPress plugin prior to 1.10.19 has a prototype pollution vulnerability that could allow an malicious user to inject arbitrary properties into Object.prototype.
Supsystic Popup
4.3
CVSSv3
CVE-2017-20065
A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
Supsystic Popup 1.7.6
NA
CVE-2024-31421
Missing Authorization vulnerability in Supsystic Popup by Supsystic.This issue affects Popup by Supsystic: from n/a up to and including 1.10.27.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started