132 matches found
CVE-2023-30750
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10...
CVE-2023-30750
CM Pop-Up banners for WordPress (CM Popup Plugin)
WordPress Plugin CM Popup SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin CM Popup...
PT-2023-22953 · WordPress · Cm Popup Plugin
Name of the Vulnerable Software and Affected Versions: CM Popup Plugin for WordPress versions 1.5.10 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This allows for potential...
CVE-2023-46824
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
CVE-2023-46824
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
CVE-2023-46824
Slick Popup: Contact Form 7 Popup Plugin for WordPress (plugin
WordPress Plugin Slick Popup: Contact Form 7 Popup Plugin Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin Slick Popup: Contact Form 7 Popup Plugi...
CVE-2023-44228
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
CVE-2023-44228
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
CVE-2023-44228
CVE-2023-44228 corresponds to a stored XSS vulnerability in the WordPress plugin “Onclick show popup” (admin+ required) affecting versions up to 8.1. Multiple sources in connected documents consistently describe the flaw as an authenticated (admin+) stored XSS in that plugin, with impact limited ...
CVE-2023-34174
Unauth. Reflected Cross-Site Scripting XSS vulnerability in BBS e-Theme BBS e-Popup plugin = 2.4.5 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in BBS e-Theme BBS e-Popup plugin = 2.4.5 versions...
CVE-2023-34174 WordPress BBS e-Popup Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in BBS e-Theme BBS e-Popup plugin = 2.4.5 versions...
PT-2023-24712 · Unknown · Bbs E-Popup
Name of the Vulnerable Software and Affected Versions: BBS e-Theme BBS e-Popup plugin versions = 2.4.5 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website,...
CVE-2023-24394
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy iframe popup plugin = 3.3 versions...
CVE-2023-24394
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy iframe popup plugin = 3.3 versions...