VYPR

CM Popup Plugin

by WordPress

CVEs (2)

  • CVE-2023-30750HigDec 20, 2023
    risk 0.55cvss 8.5epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10.

  • CVE-2024-5004MedJul 22, 2024
    risk 0.31cvss 4.8epss 0.00

    The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does not sanitise and escape some of the campaign settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks