Vulnerabilities > Groundhogg > Hollerbox > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-29 CVE-2023-41657 Cross-site Scripting vulnerability in Groundhogg Hollerbox
Auth.
network
low complexity
groundhogg CWE-79
4.8
2023-05-30 CVE-2023-2111 Unspecified vulnerability in Groundhogg Hollerbox
The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's database.
network
low complexity
groundhogg
4.9