3 matches found
CVE-2023-30750
CM Pop-Up banners for WordPress (CM Popup Plugin)
CVE-2024-5004
CVE-2024-5004 affects the CM Popup Plugin for WordPress (pre-1.6.6). The issue is improper sanitization/escaping of campaign settings, enabling stored XSS by high-privilege users (e.g., Contributors) when interacting with campaign settings. Red Hat confirms the WordPress plugin before 1.6.6 is af...
CVE-2024-5799
CVE-2024-5799 : The WordPress plugin CM Pop-Up Banners prior to version 1.7.3 is affected by a stored XSS vulnerability due to insufficient sanitisation/escaping of certain popup fields. This could allow high-privilege users (e.g., Contributors) to perform XSS. Affected product: CM Pop-Up Banners...