Timersys Wp_popups

3 CVEs affecting Timersys Wp_popups. Latest disclosed: 2023-05-08. Critical: 0, High: 0.

Top CVEs affecting Timersys Wp_popups
CVESeverityScorePublishedSummary
CVE-2023-24003Medium6.52023-04-06Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Timersys WP Popups – WordPress Popup plugin <= 2.1.4.8 versions.
CVE-2023-1905Medium5.42023-05-08The WP Popups WordPress plugin before 2.1.5.1 does not properly escape the href attribute of its spu-facebook-page shortcode before outputting it back in a pag…
CVE-2022-4716Medium5.42023-01-23The WP Popups WordPress plugin before 2.1.4.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which coul…