Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:4 a.m.7 views

CVE-2023-6591

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.9AI score0.0048EPSS
Exploits3References1
CVE
CVE
added 2024/02/12 4:6 p.m.84 views

CVE-2023-6591

CVE-2023-6591 affects the Popup Box WordPress plugin (before 20.9.0). The issue is due to inadequate sanitization/escaping of settings, enabling stored XSS that could be executed by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Connected sources describe admin+ stor...

4.8CVSS5.8AI score0.0048EPSS
Exploits3References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/12 4:6 p.m.9 views

CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.6AI score0.0048EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/02/12 4:6 p.m.21 views

CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.8AI score0.0048EPSS
Exploits3References1
Rows per page
Query Builder