Lucene search
+L

6 matches found

Vulnrichment
Vulnrichment
added 2024/02/12 4:6 p.m.9 views

CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.6AI score0.0048EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/02/12 4:6 p.m.25 views

CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.8AI score0.0048EPSS
Exploits3References1
WPVulnDB
WPVulnDB
added 2024/01/22 12:0 a.m.17 views

Popup Box Pro < 7.9.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC Create/edit a new popup and add the following payload in the Custom Content: Save, and...

5.7AI score0.0048EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/22 12:0 a.m.13 views

Popup Box Pro < 20.9.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC Create/edit a new popup and add the following payload in the Custom Content: Save, and...

5.7AI score0.0048EPSS
Exploits3Affected Software1
wpexploit
wpexploit
added 2024/01/22 12:0 a.m.145 views

Popup Box Pro < 20.9.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed Create/edit a new popup and add the following payload in the Custom Content: alert1; Save,...

5.9AI score0.0048EPSS
Exploits3
wpexploit
wpexploit
added 2024/01/22 12:0 a.m.155 views

Popup Box Pro < 7.9.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed Create/edit a new popup and add the following payload in the Custom Content: alert1; Save,...

5.9AI score0.0048EPSS
Exploits3
Rows per page
Query Builder