CVE-2024-3580 | Popup4Phone Plugin up to 1.3.2 on WordPress Setting cross site scripting

Inserito da Angelo Barbosa | Mag 17, 2024 | CVE

A vulnerability was found in Popup4Phone Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-3580. The attack can be launched remotely. There is no exploit available.

CVE-2024-3580 | Popup4Phone Plugin up to 1.3.2 on WordPress Setting cross site scripting

Post correlati

CVE-2024-5205 | Videojs HTML5 Player Plugin up to 1.1.11 on WordPress Shortcode videojs_video cross site scripting

CVE-2024-26327 | QEMU up to 8.2.1 hw/pci/pcie_sriov.c register_vfs buffer overflow

CVE-2023-50571 | easy-rules-mvel 4.1.0 MVELRule Privilege Escalation

CVE-2024-41043 | Linux Kernel up to 6.9.9 nfnetlink_queue Privilege Escalation (86858da8335d/631a4b3ddc78)