Lucene search
K

8 matches found

Patchstack
Patchstack
added 2026/03/19 10:51 p.m.5 views

WordPress Instant Popup Builder plugin <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter vulnerability

Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter vulnerability discovered by theviper17y in WordPress Plugin Instant Popup Builder versions = 1.1.7...

5.3CVSS5.8AI score0.00278EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/19 9:30 a.m.5 views

EUVD-2026-13074

The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...

5.3CVSS6.1AI score0.00278EPSS
Exploits0References7
NVD
NVD
added 2026/03/19 8:16 a.m.5 views

CVE-2026-3475

The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...

5.3CVSS0.00278EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/19 7:34 a.m.3 views

CVE-2026-3475

The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...

5.3CVSS6.1AI score0.00278EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/19 7:34 a.m.26 views

CVE-2026-3475 Instant Popup Builder <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter

The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...

5.3CVSS0.00278EPSS
Exploits0References6
CVE
CVE
added 2026/03/19 7:34 a.m.14 views

CVE-2026-3475

CVE-2026-3475 affects the WordPress plugin Instant Popup Builder (

5.3CVSS6.1AI score0.00278EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/19 7:34 a.m.7 views

CVE-2026-3475 Instant Popup Builder <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter

The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...

5.3CVSS6.1AI score0.00278EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.7 views

WordPress plugin Instant Popup Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS6.1AI score0.00278EPSS
Exploits0References6
Rows per page
Query Builder