Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-3231
- EPSS 4.15%
- Veröffentlicht 17.05.2024 06:15:53
- Zuletzt bearbeitet 30.05.2025 16:09:24
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins.
6.1
CVE-2024-3580
- EPSS 0.32%
- Veröffentlicht 17.05.2024 06:15:53
- Zuletzt bearbeitet 30.05.2025 16:10:12
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallo...
1