Skip to main content

Wp Popups

2 CVEs product

Monthly

CVE-2023-1905 MEDIUM POC This Month

The WP Popups WordPress plugin before 2.1.5.1 does not properly escape the href attribute of its spu-facebook-page shortcode before outputting it back in a page/post where the shortcode is embed,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Popups
NVD WPScan
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-24003 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wp Popups
NVD
CVSS 3.1
5.4
EPSS
0.4%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

The WP Popups WordPress plugin before 2.1.5.1 does not properly escape the href attribute of its spu-facebook-page shortcode before outputting it back in a page/post where the shortcode is embed,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Popups
NVD WPScan
EPSS 0% CVSS 5.4
MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wp Popups
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy