Show filters
13 Total Results
Displaying 11-13 of 13
Sort by:
Attacker Value
Unknown

CVE-2022-47610

Disclosure Date: March 29, 2023 (last updated November 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mr Digital Simple Image Popup plugin <= 1.3.6 versions.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-34658

Disclosure Date: August 13, 2021 (last updated February 23, 2025)
The Simple Popup Newsletter WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/simple-popup-newsletter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.7.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2014-3921

Disclosure Date: May 30, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in popup.php in the Simple Popup Images plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the z parameter.
0
0
View More Topics  < Previous