Timersys Wp_popups
3 CVEs affecting Timersys Wp_popups. Latest disclosed: 2023-05-08. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-24003 | Medium | 6.5 | 2023-04-06 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Timersys WP Popups – WordPress Popup plugin <= 2.1.4.8 versions. |
CVE-2023-1905 | Medium | 5.4 | 2023-05-08 | The WP Popups WordPress plugin before 2.1.5.1 does not properly escape the href attribute of its spu-facebook-page shortcode before outputting it back in a pag… |
CVE-2022-4716 | Medium | 5.4 | 2023-01-23 | The WP Popups WordPress plugin before 2.1.4.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which coul… |