Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.4 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.6AI score0.00788EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/03/28 6:15 p.m.5 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.3AI score0.00788EPSS
Exploits1References2
OSV
OSV
added 2022/03/28 6:15 p.m.7 views

CVE-2022-0641

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.00788EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/28 5:23 p.m.18 views

CVE-2022-0641 Popup Like box < 3.6.1 - Reflected Cross-Site Scripting

The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the aysfbtab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.4AI score0.00788EPSS
Exploits1References1
CVE
CVE
added 2022/03/28 5:23 p.m.73 views

CVE-2022-0641

The CVE-2022-0641 entry concerns the WordPress plugin Popup Like box (versions before 3.6.1). The issue is a Reflected Cross-Site Scripting vulnerability caused by the ays_fb_tab parameter not being sanitized/escaped before output in an admin page, enabling injected JavaScript if an attacker can ...

6.1CVSS6.2AI score0.00788EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder