Skip to main content

Wp Terms Popup

2 CVEs product

Monthly

CVE-2026-32495 HIGH This Week

A missing authorization vulnerability exists in WP Terms Popup plugin for WordPress (versions through 2.10.0) that allows attackers to bypass access controls and exploit incorrectly configured security levels. The vulnerability, classified as CWE-862 (Missing Authorization), enables unauthenticated or low-privileged attackers to access restricted functionality without proper permission checks. This issue was reported by Patchstack and affects all installations of the plugin up to and including version 2.10.0.

Authentication Bypass Wp Terms Popup
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-24006 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Terms Popup
NVD
CVSS 3.1
4.8
EPSS
0.4%
EPSS 0% CVSS 7.5
HIGH This Week

A missing authorization vulnerability exists in WP Terms Popup plugin for WordPress (versions through 2.10.0) that allows attackers to bypass access controls and exploit incorrectly configured security levels. The vulnerability, classified as CWE-862 (Missing Authorization), enables unauthenticated or low-privileged attackers to access restricted functionality without proper permission checks. This issue was reported by Patchstack and affects all installations of the plugin up to and including version 2.10.0.

Authentication Bypass Wp Terms Popup
NVD VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Terms Popup
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy