Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11795

Malware in sbrugna...

5.4CVSS5.5AI score0.00778EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/11/09 12:0 a.m.13 views

WordPress Popup Anything Plugin <= 2.7 is vulnerable to Broken Access Control

Software Popup Anything Type Plugin Vulnerable versions = 2.7 Fixed in 2.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 4b0a6b545433 Credits Abdi Pranata Required...

5.9AI score0.00188EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/29 12:19 p.m.9 views

CVE-2022-38077 WordPress Popup Anything Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin = 2.2.1 versions...

4.3CVSS7AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.5 views

WordPress Plugin Popup Anything 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.2AI score0.00256EPSS
Exploits0References2
OSV
OSV
added 2022/07/25 1:15 p.m.3 views

CVE-2022-2115

The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.0055EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/07/04 12:0 a.m.156 views

Popup Anything < 2.1.7 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting On a post/page where the paocdetails display="keyxxx" shortcode is embed, append the following payload: ?xxx=11111%3Cscript%3Ealert/XSS/%3C/script%3E e.g:...

6.1CVSS6.2AI score0.0055EPSS
Exploits2
CNNVD
CNNVD
added 2021/11/02 12:0 a.m.3 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. WordPress Plugins is a WordPress open source application plugin. WordPress Plugins suffers from a cross-site...

5.4CVSS5.8AI score0.00778EPSS
Exploits0References4
Patchstack
Patchstack
added 2021/10/25 12:0 a.m.17 views

WordPress Popup Anything plugin <= 2.0.3 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Vishnupriya Ilango in WordPress Popup Anything plugin versions = 2.0.3. Solution Update the WordPress Popup Anything plugin to the latest available version at least 2.0.4...

5.4CVSS1.8AI score0.00778EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder