3 matches found
CVE-2023-5343
The CVE-2023-5343 entry concerns the WordPress Popup Box plugin, versions prior to 3.7.9. The connected documents confirm a vulnerability where the plugin fails to sanitize/escape certain settings, enabling stored Cross-Site Scripting (XSS) by high-privilege users (e.g., admins). Impact described...
CVE-2023-5343 Popup Box < 3.7.9 - Admin+ Stored XSS
The Popup box WordPress plugin before 3.7.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2023-5343 Popup Box < 3.7.9 - Admin+ Stored XSS
The Popup box WordPress plugin before 3.7.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...