Modal Window Security Vulnerabilities and Issues — Modal Window CVE List

Lucene search

Wow-companyModal Window

4 matches found

CVE•added 2023/09/27 3:19 p.m.•52 views

CVE-2023-5161

The Modal Window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 5.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

6.4CVSS5.3AI score0.00349EPSS

CVE•added 2024/08/18 2:15 p.m.•52 views

CVE-2024-43346

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wow-Company Modal Window allows Stored XSS.This issue affects Modal Window: from n/a through 6.0.3.

6.5CVSS6.5AI score0.00064EPSS

CVE•added 2025/02/20 9:15 a.m.•47 views

CVE-2025-0897

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it pos...

6.4CVSS5.8AI score0.0003EPSS

CVE•added 2024/04/09 7:15 p.m.•35 views

CVE-2024-2457

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 5.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS7.6AI score0.00109EPSS