VYPR

CM Popup

by WordPress

CVEs (1)

  • CVE-2024-5004Jul 22, 2024
    risk 0.00cvss epss 0.00

    The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does not sanitise and escape some of the campaign settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks