EUVD-2022-47523

Malicious code in bioql PyPI...

EUVD-2022-46480

Malicious code in bioql PyPI...

CVE-2025-25105 WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in coffeestudios Pop Up popup-seo-optimized allows Stored XSS.This issue affects Pop Up: from n/a through = 0.1...

CVE-2025-25105 WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in coffeestudios Pop Up allows Stored XSS. This issue affects Pop Up: from n/a through 0.1...

WordPress plugin Pop Up 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Pop Up Plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyễn Khánh Hào in WordPress Plugin Pop Up versions = 0.1...

WordPress Pop-up plugin <= 1.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Pop-up versions = 1.2.3...

WordPress Pop-up Plugin <= 1.1.9 is vulnerable to Broken Access Control

Software Pop-up Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6c527b0974ca Credits WordFence Required privilege Subscriber...

WordPress Pop-up Plugin <= 1.1.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software Pop-up Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3977 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 756751a5022f Credits WordFence Required privilege...

CVE-2022-43480

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

CVE-2022-43480

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

CVE-2022-43480 WordPress Homepage Pop-up Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

CVE-2022-43480

The CVE-2022-43480 entry references a stored XSS vulnerability in the WordPress Homepage Pop-up plugin (versions ≤ 1.2.5). It requires authenticated admin+ access to exploit. The cited metrics indicate a low-severity impact (Confidentiality/Integrity affected to a Low degree; Availability not aff...

CVE-2022-44585

Cross-Site Request Forgery CSRF vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

CVE-2022-44585

CVE-2022-44585 concerns WordPress Homepage Pop-up plugin (versions

CVE-2022-38070

Privilege Escalation subscriber+ vulnerability in Pop-up plugin = 1.1.5 at WordPress...

Privilege escalation

Privilege Escalation subscriber+ vulnerability in Pop-up plugin = 1.1.5 at WordPress...

CVE-2022-38070

CVE-2022-38070 affects the WordPress Pop-up plugin versions ≤ 1.1.5. The issue is a Privilege Escalation impacting subscribers+ (per the CVE entry), with no explicit exploitation details provided in the supplied documents. Root cause/technical specifics are not detailed beyond the vulnerability c...

PT-2022-24186 · Unknown · Pop-Up Plugin

Name of the Vulnerable Software and Affected Versions: Pop-up plugin versions 1.1.5 and earlier Description: The issue is related to a Privilege Escalation vulnerability that affects subscribers and above, allowing potential escalation of privileges. Recommendations: For Pop-up plugin versions...