Lucene search
HistoryMay 16, 2024 - 6:15 a.m.
CVE-2024-3644
cve-2024-3644
newsletter popup
wordpress
stored cross-site scripting
The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Related
wpexploit
wpexploit
Newsletter Popup <= 1.2 - Admin+ Stored XSS
2024-04-25 00:00:00
wpvulndb
wpvulndb
Newsletter Popup <= 1.2 - Admin+ Stored XSS
2024-04-25 00:00:00
vulnrichment
vulnrichment
CVE-2024-3644 Newsletter Popup <= 1.2 - Admin+ Stored XSS
2024-05-16 06:00:03
cvelist
cvelist
CVE-2024-3644 Newsletter Popup <= 1.2 - Admin+ Stored XSS
2024-05-16 06:00:03
cve
cve
CVE-2024-3644
2024-05-16 06:15:10