Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popup vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-0641
The Popup Like box WordPress plugin prior to 3.6.1 does not sanitize and escape the ays_fb_tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Ays-pro Popup Like Box
NA
CVE-2023-24002
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 versions.
Wpdevart Youtube Embed\\, Playlist And Popup
312
VMScore
CVE-2021-24464
The YouTube Embed, Playlist and Popup by WpDevArt WordPress plugin prior to 2.3.9 did not escape, validate or sanitise some of its shortcode options, available to users with a role as low as Contributor, leading to an authenticated Stored Cross-Site Scripting issue.
Wpdevart Youtube Embed\\, Playlist And Popup
NA
CVE-2023-25463
Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy WP tell a friend popup form plugin <= 7.1 versions.
Gopiplus Wp-tell-a-friend-popup-form
NA
CVE-2023-25465
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy wp tell a friend popup form plugin <= 7.1 versions.
Gopiplus Wp-tell-a-friend-popup-form
NA
CVE-2023-24004
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Image and Video Lightbox, Image PopUp plugin <= 2.1.5 versions.
Wpdevart Download Image And Video Lightbox\\, Image Popup
605
VMScore
CVE-2022-0215
The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the save_settings function found in the ~/includes/xoo-framework/admin/class-xoo-admin-settings.p...
Xootix Login\\/signup Popup
Xootix Side Cart Woocommerce
Xootix Waitlist Woocommerce
312
VMScore
CVE-2021-24718
The Contact Form, Survey & Popup Form Plugin for WordPress plugin prior to 1.5 does not properly sanitize some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Reputeinfosystems Contact Form\\, Survey \\& Popup Form Plugin For Wordpress - Arforms Form Builder
NA
CVE-2021-242751
WordPress Popup plugin version 1.10.4 suffers from a cross site scripting vulnerability.
231
VMScore
CVE-2006-4569
The popup blocker in Mozilla Firefox prior to 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted malicious users to conduct cross-site...
Mozilla Firefox
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »