Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.4 views

CVE-2026-32428

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 9:31 p.m.2 views

EUVD-2026-11961

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References2
NVD
NVD
added 2026/03/13 7:55 p.m.4 views

CVE-2026-32428

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.3CVSS0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.1 views

CVE-2026-32428

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.8AI score0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.3 views

CVE-2026-32428 WordPress Popup Like box plugin <= 3.7.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.8AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 11:42 a.m.6 views

CVE-2026-32428

The CVE affects WordPress Popup Like box plugin

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.23 views

CVE-2026-32428 WordPress Popup Like box plugin <= 3.7.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

5.3CVSS0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.5 views

WordPress plugin Popup Like box 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/01 10:1 a.m.5 views

WordPress Popup Like box plugin <= 3.7.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Popup Like box versions = 3.7.7...

5.3CVSS5.8AI score0.00224EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.4 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.6AI score0.00788EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.7 views

CVE-2021-24460

The getfblikeboxes function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

8.8CVSS7.7AI score0.01362EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.3 views

WordPress Plugin Popup Like box 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.9CVSS5.8AI score0.00319EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.5 views

PT-2024-24034 · Unknown · Popup Like Box

Name of the Vulnerable Software and Affected Versions: Popup Like box versions 3.7.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject malicious...

5.9CVSS6.1AI score0.00319EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/03/28 6:15 p.m.4 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.3AI score0.00788EPSS
Exploits1References2
NVD
NVD
added 2022/03/28 6:15 p.m.15 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS0.00788EPSS
Exploits1References1
OSV
OSV
added 2022/03/28 6:15 p.m.6 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.00788EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/28 5:23 p.m.17 views

CVE-2022-0641 Popup Like box < 3.6.1 - Reflected Cross-Site Scripting

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.4AI score0.00788EPSS
Exploits1References1
CVE
CVE
added 2022/03/28 5:23 p.m.72 views

CVE-2022-0641

The CVE-2022-0641 entry concerns the WordPress plugin Popup Like box (versions before 3.6.1). The issue is a Reflected Cross-Site Scripting vulnerability caused by the ays_fb_tab parameter not being sanitized/escaped before output in an admin page, enabling injected JavaScript if an attacker can ...

6.1CVSS6.2AI score0.00788EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/03/28 12:0 a.m.4 views

WordPress plugin Popup Like box 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress...

6.1CVSS5.7AI score0.00788EPSS
Exploits1References2
OSV
OSV
added 2021/08/02 11:15 a.m.4 views

CVE-2021-24460

The getfblikeboxes function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

8.8CVSS7.3AI score0.01362EPSS
Exploits2References1
Rows per page
Query Builder