1 results (0.003 seconds)
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-10095 – woo-popup Plugin class-woo-popup-admin.php cross site scripting
https://notcve.org/view.php?id=CVE-2015-10095
21 May 2015 — A vulnerability classified as problematic has been found in woo-popup Plugin up to 1.2.2 on WordPress. This affects an unknown part of the file admin/class-woo-popup-admin.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.3.0 is able to address this issue. • https://github.com/wp-plugins/woo-popup/commit/7c76ac78f3e16015991b612ff4fa616af4ce9292 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •