Modal Window Security Vulnerabilities and Issues — Modal Window CVE List

Lucene search

Wow-companyModal Window

3 matches found

CVE•added 2024/05/02 6:15 a.m.•56 views

CVE-2024-3472

The Modal Window WordPress plugin before 5.3.10 does not have CSRF check in place when bulk deleting modals, which could allow attackers to make a logged in admin delete them via a CSRF attack

5.9CVSS6.6AI score0.00047EPSS

CVE•added 2024/08/18 2:15 p.m.•52 views

CVE-2024-43346

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wow-Company Modal Window allows Stored XSS.This issue affects Modal Window: from n/a through 6.0.3.

6.5CVSS6.5AI score0.00064EPSS

CVE•added 2024/04/09 7:15 p.m.•35 views

CVE-2024-2457

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 5.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS7.6AI score0.00109EPSS