EUVD-2025-12047

Malicious code in bioql PyPI...

CVE-2025-46471

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gnanavelshenll WP Custom Post Popup custom-post-popup allows DOM-Based XSS.This issue affects WP Custom Post Popup: from n/a through = 1.0.1...

CVE-2025-46471

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gnanavelshenll WP Custom Post Popup custom-post-popup allows DOM-Based XSS.This issue affects WP Custom Post Popup: from n/a through = 1.0.1...

CVE-2025-46471 WordPress WP Custom Post Popup plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gnanavelshenll WP Custom Post Popup custom-post-popup allows DOM-Based XSS.This issue affects WP Custom Post Popup: from n/a through = 1.0.1...

CVE-2025-46471

CVE-2025-46471 affects the WordPress plugin WP Custom Post Popup. The vulnerability is a DOM-based XSS due to improper input neutralization in the plugin’s web page generation, impacting version range from n/a through 1.0.1. Exploitation details are not provided in the initial document, and no of...

CVE-2025-46471 WordPress WP Custom Post Popup plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gnanavelshenll WP Custom Post Popup custom-post-popup allows DOM-Based XSS.This issue affects WP Custom Post Popup: from n/a through = 1.0.1...

WordPress plugin WP Custom Post Popup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17786 · WordPress · Wp Custom Post Popup

Name of the Vulnerable Software and Affected Versions: WP Custom Post Popup versions 1.0.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker can...

CVE-2023-4808

Affected software: WP Post Popup WordPress plugin

PT-2023-30692 · WordPress · Wp Post Popup

Name of the Vulnerable Software and Affected Versions: WP Post Popup WordPress plugin versions prior to 3.7.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed,...

WordPress Plugin WP Post Popup Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WP Post Popup <= 3.7.3 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its inputs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Enter the following payload in the Close...

WordPress WP Post Popup Plugin <= 3.7.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Post Popup Type Plugin Vulnerable versions = 3.7.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4808 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3ee14d9df6d2 Credits Abhijith A Required privileg...