ThreatPress

WordPress Vulnerability Database

Back

WordPress Popup Builder plugin <= 3.69.6 - Multiple Stored Cross-Site Scripting (XSS) vulnerabilities

Product
Popup Builder
Description
Multiple Stored Cross-Site Scripting (XSS) vulnerabilities were found by Ilca Lucian Florin in the WordPress Popup Builder plugin (versions <= 3.69.6).
Solution
2020-12-14 - awaiting patch approval.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
Vulnerability details
CVE
Name CVE-N/A
Versions
Affected In <= 3.69.6
Fixed In 3.69.7
Disclosure date
2020-12-14
Credits
Ilca Lucian Florin