Unrated severityNVD Advisory· Published Feb 12, 2024· Updated Oct 28, 2024
Popup Box Pro < 20.9.0 - Admin+ Stored XSS
CVE-2023-6591
Description
The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.