Vulnerabilities > Essentialplugin > Popup Anything > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-29 | CVE-2021-24883 | Cross-site Scripting vulnerability in Essentialplugin Popup Anything The Popup Anything WordPress plugin before 2.0.4 does not escape the Link Text and Button Text fields of Popup, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks | 3.5 |