PVN Auth Popup

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-6718	WordPress PVN Auth Popup		0.00	—	0.00		May 15, 2025	The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…
CVE-2024-6713	PVN Auth Popup PVN Auth Popup		0.00	—	0.00		May 15, 2025	The PVN Auth Popup WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in…

CVE-2024-6718May 15, 2025
WordPress
PVN Auth Popup
risk 0.00cvss —epss 0.00
The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…
CVE-2024-6713May 15, 2025
PVN Auth Popup
PVN Auth Popup
risk 0.00cvss —epss 0.00
The PVN Auth Popup WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in…