4 matches found
CVE-2024-9599
The Popup Box WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2025-21544 · WordPress · Popup Box
Name of the Vulnerable Software and Affected Versions: The Popup Box WordPress plugin versions prior to 4.7.8 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed,...
PT-2023-32343 · WordPress · Popup Box Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Popup box WordPress plugin versions prior to 3.8.6 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in a...
WordPress Plugin Float menu 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin Float men...