Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.3 views

CVE-2022-0214

The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog...

7.5CVSS6.7AI score0.01565EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-15416

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01565EPSS
Exploits2References1
OSV
OSV
added 2022/06/15 8:15 p.m.5 views

CVE-2022-28612

Improper Access Control vulnerability leading to multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in Muneeb's Custom Popup Builder plugin = 1.3.1 at WordPress...

5.4CVSS5.8AI score0.0046EPSS
Exploits0References2
NVD
NVD
added 2022/06/15 8:15 p.m.14 views

CVE-2022-28612

Improper Access Control vulnerability leading to multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in Muneeb's Custom Popup Builder plugin = 1.3.1 at WordPress...

5.4CVSS0.0046EPSS
Exploits0References2
Prion
Prion
added 2022/06/15 8:15 p.m.17 views

Improper access control

Improper Access Control vulnerability leading to multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in Muneeb's Custom Popup Builder plugin = 1.3.1 at WordPress...

3.5CVSS5.4AI score0.0046EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.25 views

Custom Popup Builder <= 1.3.1 - Contributor+ Stored Cross-Site Scripting

The plugin does have proper authorisation in place, and does not sanitise as well as escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS3AI score0.0046EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2022/02/16 12:0 a.m.21 views

WordPress Custom Popup Builde plugin denial of service vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. A denial of service vulnerability exists in versions of the WordPress Custom Popup Builde plugin prior to 1.3.1,...

7.5CVSS2.3AI score0.01565EPSS
Exploits2References1
OSV
OSV
added 2022/02/14 12:15 p.m.4 views

CVE-2022-0214

The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog...

7.5CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2022/02/14 12:15 p.m.14 views

Denial of service

The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog...

5CVSS7.5AI score0.01565EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/02/14 9:21 a.m.13 views

CVE-2022-0214 Popup | Custom Popup Builder < 1.3.1 - Unauthenticated Denial of Service

The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog...

7.7AI score0.01565EPSS
Exploits2References1
CVE
CVE
added 2022/02/14 9:21 a.m.91 views

CVE-2022-0214

The CVE-2022-0214 issue affects the WordPress plugin “Custom Popup Builder” prior to v1.3.1. The popup data autoloads on every page and can be populated by unauthenticated input, with length not being validated, enabling a denial of service on the blog. Affected software: WordPress Custom Popup B...

7.5CVSS7.4AI score0.01565EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/02/14 12:0 a.m.5 views

WordPress和WordPress plugin 资源管理错误漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. A denial of service vulnerability exists in versions of the WordPress Custom Popup Builde plugin prior to 1.3.1,...

7.5CVSS5.7AI score0.01565EPSS
Exploits2References2
wpexploit
wpexploit
added 2022/01/17 12:0 a.m.137 views

Popup | Custom Popup Builder < 1.3.1 - Unauthenticated Denial of Service

The plugin autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog 1 Create a popup as admin and access the popup page as unauthenticated 2 Send data on the form and intercept t...

7.5CVSS0.2AI score0.01565EPSS
Exploits2
Patchstack
Patchstack
added 2022/01/17 12:0 a.m.22 views

WordPress Popup | Custom Popup Builder plugin <= 1.3 - Unauthenticated Denial of Service (DoS) vulnerability

Unauthenticated Denial of Service DoS vulnerability discovered by Felipe de Avila in WordPress Popup | Custom Popup Builder plugin versions = 1.3. Solution Update the WordPress Popup | Custom Popup Builder plugin to the latest available version at least 1.3.1...

7.5CVSS3.1AI score0.01565EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder