CVE-2026-24616

Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.5...

CVE-2026-24616

Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.3...

EUVD-2024-32610

Malicious code in bioql PyPI...

EUVD-2024-47628

Malicious code in bioql PyPI...

WordPress plugin WP Popups security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-37712 · WordPress · Wp Popups

Name of the Vulnerable Software and Affected Versions: WP Popups – WordPress Popup builder plugin versions up to, and including, 2.2.0.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin utilizes mobiledetect without preventing direct access to the files...

WordPress Popups Plugin <= 1.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Popups Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 23e3c6e9af0f Credits Rafie Muhammad Patchstack Required privilege...

PT-2023-17329 · WordPress · Wp Popups

Name of the Vulnerable Software and Affected Versions: WP Popups WordPress plugin versions prior to 2.1.5.1 Description: The issue arises from insufficient escaping of the href attribute in the spu-facebook-page shortcode, potentially allowing Stored Cross-Site Scripting attacks by users with the...