The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
5.4CVSS
5.2AI Score
0.001EPSS
The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
5.4CVSS
5.2AI Score
0.001EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker β Popup for opt-ins, lead gen, & more.This issue affects Popup Maker β Popup for opt-ins, lead gen, & more: from n/a through 1.17.1.
7.5CVSS
7.5AI Score
0.001EPSS