Vulnerabilities > Groundhogg > Hollerbox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-29 | CVE-2023-41657 | Cross-site Scripting vulnerability in Groundhogg Hollerbox Auth. | 4.8 |
| 2023-05-30 | CVE-2023-2111 | Unspecified vulnerability in Groundhogg Hollerbox The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's database. | 4.9 |