2 matches found
CVE-2021-24152 Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS)
The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting...
CVE-2021-24152
Popup Builder (WordPress plugin) is affected by CVE-2021-24152, a reflected XSS in the All Subscribers setting page. The vulnerability affects versions prior to 3.74, and requires an authenticated attacker to entice a logged-in user to a crafted URL to execute arbitrary scripts in the user’s brow...