Ivanweb Popup4phone

2 CVEs affecting Ivanweb Popup4phone. Latest disclosed: 2024-05-17. Critical: 0, High: 0.

Top CVEs affecting Ivanweb Popup4phone
CVESeverityScorePublishedSummary
CVE-2024-3580Medium6.12024-05-17The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perf…
CVE-2024-3231Medium6.12024-05-17The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scri…