4 matches found
CVE-2024-3231
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins...
CVE-2024-3231 Popup4Phone <= 1.3.2 - Unauthenticated Stored XSS
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins...
CVE-2024-3231
CVE-2024-3231 concerns the Popup4Phone WordPress plugin (versions
WordPress Popup4Phone Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Popup4Phone Type Plugin Vulnerable versions = 1.3.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3231 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a2ba7555452 Credits Bob Matyas Required...