CVE-2024-3641
6.1MEDIUMThe Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some parameters, which could allow unauthenticated visitors to perform Cross-Site Scripting attacks against admins
Publicado: 5/16/2024Atualizado: 5/19/2025
Descrição
The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some parameters, which could allow unauthenticated visitors to perform Cross-Site Scripting attacks against admins
Análise IADesenvolvido por IA
Produtos Afetados
mndpsingh287newsletter_popup
Referências
- https://wpscan.com/vulnerability/f4047f1e-d5ea-425f-8def-76dd5e6a497e/ExploitThird Party Advisory
- https://wpscan.com/vulnerability/f4047f1e-d5ea-425f-8def-76dd5e6a497e/ExploitThird Party Advisory