Skip to main content

Login Signup Popup

4 CVEs product

Monthly

CVE-2025-1064 MEDIUM PATCH This Month

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xoo_el_action shortcode in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Login Signup Popup PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-5665 MEDIUM PATCH This Month

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘export_settings’ function in versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Login Signup Popup
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-5324 HIGH PATCH Act Now

Multiple plugins for WordPress utilizing the XootiX Framework are vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in various. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 43.7%.

WordPress Authentication Bypass Login Signup Popup Otp Login Woocommerce Gravity Forms Side Cart Woocommerce +1
NVD
CVSS 3.1
8.8
EPSS
43.7%
CVE-2020-36715 HIGH POC PATCH This Week

The Login/Signup Popup plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on several functions in versions up to, and including, 1.4. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass WordPress Login Signup Popup
NVD
CVSS 3.1
7.4
EPSS
0.1%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xoo_el_action shortcode in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Login Signup Popup +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘export_settings’ function in versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Login Signup Popup
NVD
EPSS 44% CVSS 8.8
HIGH PATCH Act Now

Multiple plugins for WordPress utilizing the XootiX Framework are vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in various. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 43.7%.

WordPress Authentication Bypass Login Signup Popup +3
NVD
EPSS 0% CVSS 7.4
HIGH POC PATCH This Week

The Login/Signup Popup plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on several functions in versions up to, and including, 1.4. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass WordPress Login Signup Popup
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy