Vulnerabilities > Mypopups
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-28 | CVE-2023-0958 | Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. network low complexity inisev themecheck mypopups copy-delete-posts backupbliss socialshare ultimatelysocial | 6.5 |
2023-07-28 | CVE-2023-3977 | Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. | 4.3 |
2022-09-09 | CVE-2022-38070 | Unspecified vulnerability in Mypopups Pop-Up Privilege Escalation (subscriber+) vulnerability in Pop-up plugin <= 1.1.5 at WordPress. | 8.8 |