VYPR

Sticky Popup

by WordPress

CVEs (1)

  • CVE-2022-1750MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.01

    The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin…