Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popup vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-1750
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
Sticky Popup Project Sticky Popup
6.8
CVSSv2
CVE-2014-9525
Multiple cross-site request forgery (CSRF) vulnerabilities in the Timed Popup (wp-timed-popup) plugin 1.3 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct ...
Timed Popup Project Timed Popup 1.3
5
CVSSv2
CVE-2022-0214
The Custom Popup Builder WordPress plugin prior to 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog
Custom Popup Builder Project Custom Popup Builder
3.5
CVSSv2
CVE-2022-28612
Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress.
Custom Popup Builder Project Custom Popup Builder
NA
CVE-2023-1471
The WP Popup Banners plugin for WordPress is vulnerable to SQL Injection via the 'banner_id' parameter in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This ...
Wp Popup Banners Project Wp Popup Banners
NA
CVE-2022-47598
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Plugins Pro WP Super Popup plugin <= 1.1.2 versions.
Wp Super Popup Project Wp Super Popup
NA
CVE-2024-0844
The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function. This makes it possible for authenticated attackers, with administrator-level access and above, to include...
Felixmoira Popup More Popups, Lightboxes, And More Popup Modules
1 Github repository
7.5
CVSSv2
CVE-2005-1093
Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote malicious users to execute arbitrary code.
Popup Plus Plugin Popup Plus Plugin For Miranda Im 2.0.3.8
NA
CVE-2023-27032
Prestashop advancedpopupcreator v1.1.21 to v1.1.24 exists to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups().
Idnovate Popup Module (on Entering, Exit Popup, Add Product) And Newsletter
NA
CVE-2022-41403
OpenCart 3.x Newsletter Custom Popup exists to contain a SQL injection vulnerability via the email parameter at index.php?route=extension/module/so_newletter_custom_popup/newsletter.
Newsletter Subscribe (popup + Regular Module) Project Newsletter Subscribe (popup + Regular Module) 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »