Lucene search
K

4 matches found

CVE
CVE
added 2025/10/24 11:25 a.m.16 views

CVE-2025-10861

CVE-2025-10861: Unauthenticated SSRF in the WordPress plugin “Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers” affecting versions up to and including 2.1.4 due to insufficient URL validation. Exploitation could allow the server to make requests t...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
NVD
NVD
added 2025/10/09 9:15 a.m.7 views

CVE-2025-10862

The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on...

7.5CVSS0.00361EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/09 8:23 a.m.5 views

CVE-2025-10862 Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.3 - Unauthenticated SQL Injection via 'id'

The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on...

7.5CVSS6.4AI score0.00361EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.4 views

WordPress plugin Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a suite of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress...

7.5CVSS7.5AI score0.00361EPSS
Exploits0References5
Rows per page
Query Builder