Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popup vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-47597
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker – Popup for opt-ins, lead gen, & more.This issue affects Popup Maker – Popup for opt-ins, lead gen, & more: from n/a up to and including 1.17.1.
Code-atlantic Popup Maker
4.8
CVSSv3
CVE-2023-5809
The Popup box WordPress plugin prior to 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite se...
Ays-pro Popup Box
4.8
CVSSv3
CVE-2023-5874
The Popup box WordPress plugin prior to 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite se...
Ays-pro Popup Box
4.8
CVSSv3
CVE-2023-24006
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Link Software LLC WP Terms Popup plugin <= 2.6.0 versions.
Linksoftwarellc Wp Terms Popup
7.2
CVSSv3
CVE-2022-29445
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress.
Wow-estore Popup Box
4.8
CVSSv3
CVE-2022-3690
The Popup Maker WordPress plugin prior to 1.16.11 does not sanitise and escape some of its Popup options, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks, which could be used against admins
Code-atlantic Popup Maker
6.1
CVSSv3
CVE-2023-27414
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Popup Box Team Popup box plugin <= 3.4.4 versions.
Ays-pro Popup Box
8.8
CVSSv3
CVE-2021-24458
The get_ays_popupboxes() and get_popup_categories() functions of the Popup box WordPress plugin prior to 2.3.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the ad...
Ays-pro Popup Box
4.8
CVSSv3
CVE-2023-4808
The WP Post Popup WordPress plugin up to and including 3.7.3 does not sanitise and escape some of its inputs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in...
Allurewebsolutions Wp Post Popup
6.1
CVSSv3
CVE-2023-30489
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions.
I13websolution Email Subscription Popup
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »