Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popup vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4125
The Popup Manager WordPress plugin up to and including 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated malicious users to create arbitrary popups and add Stored XSS ...
Popup Manager Project Popup Manager
6.8
CVSSv2
CVE-2014-9525
Multiple cross-site request forgery (CSRF) vulnerabilities in the Timed Popup (wp-timed-popup) plugin 1.3 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct ...
Timed Popup Project Timed Popup 1.3
5
CVSSv2
CVE-2022-0214
The Custom Popup Builder WordPress plugin prior to 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog
Custom Popup Builder Project Custom Popup Builder
3.5
CVSSv2
CVE-2022-28612
Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress.
Custom Popup Builder Project Custom Popup Builder
NA
CVE-2023-1471
The WP Popup Banners plugin for WordPress is vulnerable to SQL Injection via the 'banner_id' parameter in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This ...
Wp Popup Banners Project Wp Popup Banners
NA
CVE-2022-47598
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Plugins Pro WP Super Popup plugin <= 1.1.2 versions.
Wp Super Popup Project Wp Super Popup
NA
CVE-2024-0844
The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function. This makes it possible for authenticated attackers, with administrator-level access and above, to include...
Felixmoira Popup More Popups\\, Lightboxes\\, And More Popup Modules
1 Github repository
7.5
CVSSv2
CVE-2005-1093
Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote malicious users to execute arbitrary code.
Popup Plus Plugin Popup Plus Plugin For Miranda Im 2.0.3.8
NA
CVE-2023-27032
Prestashop advancedpopupcreator v1.1.21 to v1.1.24 exists to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups().
Idnovate Popup Module \\(on Entering\\, Exit Popup\\, Add Product\\) And Newsletter
NA
CVE-2022-41403
OpenCart 3.x Newsletter Custom Popup exists to contain a SQL injection vulnerability via the email parameter at index.php?route=extension/module/so_newletter_custom_popup/newsletter.
Newsletter Subscribe \\(popup \\+ Regular Module\\) Project Newsletter Subscribe \\(popup \\+ Regular Module\\) 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »