7.1
CVE-2026-54192
- EPSS 0.19%
- Veröffentlicht 17.06.2026 09:51:38
- Zuletzt bearbeitet 17.06.2026 09:51:38
- Quelle 21595511-bba5-4825-b968-b78d1f
- CVE-Watchlists
- Unerledigt
WordPress Popup box plugin <= 6.2.9 - Reflected Cross Site Scripting (XSS) vulnerability
Popup Box – Create Countdown, Coupon, Video, Contact Form Popups <= 6.2.9 - Reflected Cross-Site Scripting
Unauthenticated Cross Site Scripting (XSS) in Popup box <= 6.2.9 versions.
Mögliche Gegenmaßnahme
Popup Box – Create Countdown, Coupon, Video, Contact Form Popups: Update to version 6.3.0, or a newer patched version
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerAys Pro
≫
Produkt
Popup box
Default Statusunaffected
Version <=
6.2.9
Version
n/a
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Popup Box – Create Countdown, Coupon, Video, Contact Form Popups
Version
*-6.2.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.09 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 21595511-bba5-4825-b968-b78d1f9984a3 | 7.1 | 0 | 0 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
|
https://patchstack.com/database/wordpress/plugin/ays-popup-box/vulnerability/wordpress-popup-box-plugin-6-2-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/d353bd5b-2155-458a-8959-89358bb00126