cbcvebase.

Supsystic Popup By Supsystic vulnerabilities

4 known vulnerabilities affecting supsystic/popup_by_supsystic.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2021-24275P3MEDIUMCVSS 6.1PoC≥ 1.10.5, < 1.10.52021-05-05
CVE-2021-24275 [MEDIUM] CWE-79 CVE-2021-24275: The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its opti The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
nvd
CVE-2024-52434P3CRITICALCVSS 9.1≤ 1.10.292024-11-18
CVE-2024-52434 [CRITICAL] CWE-82 CVE-2024-52434: Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic a Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through <= 1.10.29.
nvd
CVE-2023-51353P3CRITICALCVSS 9.8≤ 1.10.192024-12-09
CVE-2023-51353 [CRITICAL] CWE-862 CVE-2023-51353: Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploi Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through <= 1.10.19.
nvd
CVE-2024-31421P4MEDIUMCVSS 4.3≤ 1.10.272024-04-15
CVE-2024-31421 [MEDIUM] CWE-862 CVE-2024-31421: Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.This issue af Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.This issue affects Popup by Supsystic: from n/a through <= 1.10.27.
nvd
Supsystic Popup By Supsystic vulnerabilities | cvebase