8 matches found
CVE-2026-24616
Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.5...
CVE-2026-24616
Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.3...
EUVD-2024-32610
Malicious code in bioql PyPI...
EUVD-2024-47628
Malicious code in bioql PyPI...
PT-2024-37712 · WordPress · Wp Popups
Name of the Vulnerable Software and Affected Versions: WP Popups – WordPress Popup builder plugin versions up to, and including, 2.2.0.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin utilizes mobiledetect without preventing direct access to the files...
WordPress plugin WP Popups security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Popups Plugin <= 1.7.3 is vulnerable to Cross Site Scripting (XSS)
Software Popups Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 23e3c6e9af0f Credits Rafie Muhammad Patchstack Required privilege...
PT-2023-17329 · WordPress · Wp Popups
Name of the Vulnerable Software and Affected Versions: WP Popups WordPress plugin versions prior to 2.1.5.1 Description: The issue arises from insufficient escaping of the href attribute in the spu-facebook-page shortcode, potentially allowing Stored Cross-Site Scripting attacks by users with the...