Popup Box Security Vulnerabilities and Issues — Popup Box CVE List

Lucene search

Ays-proPopup Box

3 matches found

CVE•added 2024/05/02 5:15 p.m.•50 views

CVE-2024-3897

The Popup Box – Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_pb_create_author AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to enumerate all ...

5.3CVSS6.5AI score0.00479EPSS

CVE•added 2024/11/16 3:15 a.m.•24 views

CVE-2024-10861

The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_plugin_option() function in all versions up to, and including, 4.9.7. This makes it possible for unauthent...

5.3CVSS5.2AI score0.00097EPSS

CVE•added 2025/05/15 8:16 p.m.•15 views

CVE-2024-9599

The Popup Box WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

5.4CVSS5.7AI score0.00039EPSS