Lucene search
China National Vulnerability DatabaseCNVD-2022-87015HistoryNov 23, 2022 - 12:00 a.m.
WordPress Popup Maker Cross-Site Scripting Vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
wordpress
popup maker
cross-site scripting
vulnerability
failure to clean
xss attack
0.001 Low
EPSS
Percentile
24.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Popup Maker versions prior to 1.16.11 contain a cross-site scripting vulnerability that stems from the failure to clean and escape some of its Popup options. An attacker could use the vulnerability to inject cross-site code and launch an XSS attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress popup maker plugin | lt | 1.16.11 |
Related
patchstack
patchstack
nvd
nvd
CVE-2022-3690
2022-11-21 11:15:20
osv
osv
CVE-2022-3690
2022-11-21 11:15:20
prion
prion
Cross site scripting
2022-11-21 11:15:00
cvelist
cvelist
wpvulndb
wpvulndb
Popup Maker < 1.16.11 - Contributor+ Stored Cross Site Scripting
2022-10-31 00:00:00
cve
cve
CVE-2022-3690
2022-11-21 11:15:20
openvas
openvas
WordPress Popup Maker Plugin < 1.16.11 XSS Vulnerability
2023-02-23 00:00:00
wpexploit
wpexploit
Popup Maker < 1.16.11 - Contributor+ Stored Cross Site Scripting
2022-10-31 00:00:00