Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-21675

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/18 10:59 a.m.5 views

CVE-2025-54018

Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Pop-Up banners: from n/a through = 1.8.4...

4.3CVSS5.9AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2025/07/16 11:15 a.m.4 views

CVE-2025-54018

Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Pop-Up banners: from n/a through = 1.8.4...

4.3CVSS0.00206EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29749 · Creativemindssolutions · Cm Pop-Up Banners

Name of the Vulnerable Software and Affected Versions: CM Pop-Up banners versions n/a through 1.8.4 Description: A missing authorization issue exists in CreativeMindsSolutions CM Pop-Up banners due to incorrectly configured access control security levels. Recommendations: Update CM Pop-Up banners...

4.3CVSS6.3AI score0.00206EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.4 views

WordPress plugin CM Pop-Up banners 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.5AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.11 views

CVE-2024-5799

The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks...

4.8CVSS6.1AI score0.00312EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/02/03 4:17 p.m.5 views

WordPress CM Pop-Up Banners plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Pop-Up banners versions = 1.7.6...

7.1CVSS6.1AI score0.00363EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/03 3:27 p.m.6 views

WordPress CM Pop-Up Banners for WordPress plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Pop-Up banners versions = 1.7.3...

7.1CVSS6.1AI score0.00363EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/25 9:52 p.m.5 views

WordPress CM Pop-Up Banners plugin <= 1.7.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin CM Pop-Up banners versions 1.7.5...

6.1CVSS6.3AI score0.00584EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.25 views

WordPress CM Pop-Up banners Plugin 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Software CM Pop-Up banners Type Plugin Vulnerable versions 1.7.5 Fixed in 1.7.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f58e5244f29c Credits Peter Thaleikis...

6.1CVSS5.9AI score0.00584EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/12 10:34 a.m.5 views

WordPress CM Pop-Up Banners for WordPress plugin < 1.7.3 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Eunho Kim in WordPress Plugin CM Pop-Up banners versions 1.7.3...

4.8CVSS6.1AI score0.00312EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/09/12 6:15 a.m.23 views

CVE-2024-5799

The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks...

4.8CVSS0.00312EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/09/12 12:0 a.m.5 views

WordPress plugin CM Pop-Up Banners 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

4.8CVSS6.7AI score0.00312EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/09/12 12:0 a.m.11 views

WordPress CM Pop-Up banners Plugin < 1.7.3 is vulnerable to Cross Site Scripting (XSS)

Software CM Pop-Up banners Type Plugin Vulnerable versions 1.7.3 Fixed in 1.7.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5799 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 747794d443c6 Credits Eunho Kim Required...

4.8CVSS5.8AI score0.00312EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.5 views

PT-2024-37163 · WordPress · Cm Pop-Up Banners

Name of the Vulnerable Software and Affected Versions: CM Pop-Up Banners for WordPress versions prior to 1.7.3 Description: The issue allows high privilege users, such as Contributors, to perform Cross-Site Scripting attacks due to the plugin not sanitising and escaping some of its popup fields...

4.8CVSS6.5AI score0.00312EPSS
Exploits1References9
Patchstack
Patchstack
added 2024/07/22 12:0 a.m.8 views

WordPress CM Pop-Up banners Plugin < 1.6.6 is vulnerable to Cross Site Scripting (XSS)

Software CM Pop-Up banners Type Plugin Vulnerable versions 1.6.6 Fixed in 1.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5004 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2c09d4a685e6 Credits Felipe Caon Required...

5.4CVSS5.8AI score0.00349EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2023/05/03 12:0 a.m.15 views

WordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL Injection

Software CM Pop-Up banners Type Plugin Vulnerable versions = 1.5.10 Fixed in 1.6.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-30750 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID a1957d5dbbe6 Credits Dave Jong Patchstack Required privilege...

8.5CVSS6.8AI score0.00625EPSS
Exploits0References2Affected Software1
wpexploit
wpexploit
added 2020/03/27 12:0 a.m.17 views

CM Pop-Up banners < 1.4.11 - Authenticated Stored XSS

When saving a new campaign, a user with editpages capabilities can store scripts in the campaign’s pop-up content. The code can then be executed on every page on the website. A user with the editpages capability can store any script in the pop-up's content. The content is serialized and then save...

7.4AI score
Exploits0References1
Rows per page
Query Builder