CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-6591

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.7%

CVSS Severity

CVSS v3 Score 4.8

References

https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/
https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/

Products affected by CVE-2023-6591

Ays-Pro » Popup Box » Version: N/A

cpe:2.3:a:ays-pro:popup_box:-
Ays-Pro » Popup Box » Version: 20.8.7

cpe:2.3:a:ays-pro:popup_box:20.8.7
Ays-Pro » Popup Box » Version: 20.8.8

cpe:2.3:a:ays-pro:popup_box:20.8.8
Ays-Pro » Popup Box » Version: 20.8.9

cpe:2.3:a:ays-pro:popup_box:20.8.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6591

Products

Pricing

Contact Us