10 matches found
CVE-2023-44228
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
CVE-2023-44228 WordPress Onclick Show Popup Plugin <= 8.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
CVE-2023-44228 WordPress Onclick Show Popup Plugin <= 8.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Onclick show popup plugin = 8.1 versions...
CVE-2023-44228
CVE-2023-44228 corresponds to a stored XSS vulnerability in the WordPress plugin “Onclick show popup” (admin+ required) affecting versions up to 8.1. Multiple sources in connected documents consistently describe the flaw as an authenticated (admin+) stored XSS in that plugin, with impact limited ...
Onclick Show Popup < 6.6 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress Onclick Show Popup Plugin <= 8.2 is vulnerable to Cross Site Scripting (XSS)
Software Onclick Show Popup Type Plugin Vulnerable versions = 8.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-44228 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ee7368d7eff0 Credits yuyudhn Required privile...
CVE-2020-10570
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature...
CVE-2020-10570
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature...
WordPress Onclick Show Popup Plugin <= 6.5 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...