| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-4045 | Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation <= 2.16.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | smub | Popup Builder & Popup Maker for WordPress – OptinMonster Email Marketing and Lead Generation | Medium | 6.4 | 2024-05-25 05:36:44 | Deep Dive |
| CVE-2024-32800 | WordPress Popup – Popup More Popups plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability | Felix Moira | Popup More Popups | Medium | 5.9 | 2024-05-17 06:10:19 | Deep Dive |
| CVE-2024-29105 | WordPress WP Popups – WordPress Popup builder plugin <= 2.1.5.5 - Cross Site Scripting (XSS) vulnerability | Timersys | WP Popups | Medium | 5.9 | 2024-03-19 15:39:27 | Deep Dive |
| CVE-2024-0368 | Hustle <= 7.8.3 - Sensitive Information Exposure via Exposed Hubspot API Keys | wpmudev | Hustle – Email Marketing, Lead Generation, Optins, Popups | High | 8.6 | 2024-03-13 15:27:22 | Deep Dive |
| CVE-2024-0844 | WordPress plugin Popup More Popups, Lightboxes, and more popup modules 安全漏洞 | devfelixmoira | Popup More Popups, Lightboxes, and more popup modules | Medium | 4.7 | 2024-02-02 11:34:15 | Deep Dive |
| CVE-2023-32966 | WordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSS | CRUDLab | Jazz Popups | 中危 | - | 2023-11-07 17:29:17 | Deep Dive |
| CVE-2023-37891 | WordPress Exit Popups & Onsite Retargeting by OptiMonk Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF) | OptiMonk | OptiMonk: Popups, Personalization & A/B Testing | Medium | 4.3 | 2023-10-03 09:34:38 | Deep Dive |
| CVE-2022-27861 | WordPress Ninja Popups Plugin <= 4.7.5 is vulnerable to Open Redirection | Arscode | Ninja Popups | Medium | 4.7 | 2023-08-10 09:19:45 | Deep Dive |
| CVE-2023-0958 | Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function | inisev | Redirection | Medium | 4.3 | 2023-07-28 04:37:04 | Deep Dive |
| CVE-2023-3977 | Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function | inisev | Redirection | Medium | 4.3 | 2023-07-28 04:37:03 | Deep Dive |
| CVE-2023-32965 | WordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Scripting (XSS) | CRUDLab | Jazz Popups | High | 7.1 | 2023-07-18 13:25:00 | Deep Dive |
| CVE-2021-4421 | Advanced Popups <= 1.1.1 - Cross-Site Request Forgery Bypass | codesupplyco | Advanced Popups | Medium | 4.3 | 2023-07-12 06:52:35 | Deep Dive |
| CVE-2023-2111 | HollerBox < 2.1.4 - Admin+ SQL Injection | Unknown | Fast & Effective Popups & Lead-Generation for WordPress | 中危 | - | 2023-05-30 07:49:23 | Deep Dive |
| CVE-2023-1905 | WP Popups < 2.1.5.1 - Contributor+ Stored XSS | Unknown | WP Popups | 中危 | - | 2023-05-08 13:58:00 | Deep Dive |
| CVE-2023-24003 | WordPress WP Popups Plugin <= 2.1.4.8 is vulnerable to Cross Site Scripting (XSS) | Timersys | WP Popups – WordPress Popup builder | Medium | 6.5 | 2023-04-06 08:09:15 | Deep Dive |
| CVE-2022-41134 | WordPress Optinly Plugin <= 1.0.15 is vulnerable to Cross Site Request Forgery (CSRF) | OptinlyHQ | Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms | Medium | 5.4 | 2023-02-13 16:52:46 | Deep Dive |
| CVE-2022-4716 | WP Popups < 2.1.4.8 - Contributor+ Stored XSS | Unknown | WP Popups | 中危 | - | 2023-01-23 14:31:28 | Deep Dive |
| CVE-2022-2305 | WordPress Popup <= 1.9.3.8 - Admin+ Stored Cross-Site Scripting | Unknown | Popups – WordPress Popup | 中危 | - | 2022-08-01 12:51:48 | Deep Dive |
| CVE-2022-1894 | Popup Builder < 4.1.11 - Admin+ Stored Cross-Site Scripting | Unknown | Popup Builder – Create highly converting, mobile friendly marketing popups. | 中危 | - | 2022-07-11 12:56:21 | Deep Dive |
| CVE-2022-1776 | Icegram < 2.1.8 - Contributor+ Stored Cross-Site Scripting | Unknown | Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram | 中危 | - | 2022-06-27 08:57:34 | Deep Dive |