Timersys Wp Popups Wordpress Popup Builder vulnerabilities
2 known vulnerabilities affecting timersys/wp_popups_wordpress_popup_builder.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-6555P4MEDIUMCVSS 5.3PoC≤ 2.2.0.12024-07-12
CVE-2024-6555 [MEDIUM] CWE-200 CVE-2024-6555: The WP Popups – WordPress Popup builder plugin for WordPress is vulnerable to Full Path Disclosure i
The WP Popups – WordPress Popup builder plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.0.1. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can b
nvd
CVE-2023-24003P4MEDIUMCVSS 5.4≥ n/a, ≤ 2.1.4.82023-04-06
CVE-2023-24003 [MEDIUM] CWE-79 CVE-2023-24003: Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Timersys WP Popups – WordPre
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Timersys WP Popups – WordPress Popup plugin <= 2.1.4.8 versions.
nvd