3 matches found
CVE-2021-34658
The Simple Popup Newsletter WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /simple-popup-newsletter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.7...
CVE-2021-34658
The CVE-2021-34658 entry corresponds to the WordPress plugin Simple Popup Newsletter (versions up to 1.4.7) and describes a Reflected Cross-Site Scripting (XSS) vulnerability caused by using $_SERVER['PHP_SELF'] in the file simple-popup-newsletter.php. Impact is injection of arbitrary web scripts...
CVE-2021-34658 Simple Popup Newsletter <= 1.4.7 Reflected Cross-Site Scripting
The Simple Popup Newsletter WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /simple-popup-newsletter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.7...