Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24883

Disclosure Date: November 29, 2021 (last updated October 07, 2023)
The Popup Anything WordPress plugin before 2.0.4 does not escape the Link Text and Button Text fields of Popup, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0