Vulnerabilities (CVE)

Filtered by vendor Code-atlantic Subscribe

Filtered by product Popup Maker

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-1104	1 Code-atlantic	1 Popup Maker	2022-05-17	3.5 LOW	4.8 MEDIUM
The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
CVE-2017-2284	1 Code-atlantic	1 Popup Maker	2020-03-11	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting vulnerability in Popup Maker prior to version 1.6.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.