Vulnerabilities > Supsystic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-13 | CVE-2023-39997 | Missing Authorization vulnerability in Supsystic Popup Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through 1.10.19. | 9.8 |
| 2024-12-09 | CVE-2023-51353 | Unspecified vulnerability in Supsystic Popup Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through 1.10.19. | 9.8 |
| 2024-11-18 | CVE-2024-52434 | Code Injection vulnerability in Supsystic Popup Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Popup by Supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through 1.10.29. | 9.1 |
| 2024-09-26 | CVE-2024-47330 | Missing Authorization vulnerability in Supsystic Slider and Social Share Buttons Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share Buttons by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.6; Social Share Buttons by Supsystic: from n/a through 2.2.9. | 8.8 |
| 2024-07-02 | CVE-2024-5219 | Cross-site Scripting vulnerability in Supsystic Easy Google Maps The Easy Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 1.11.15 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-17 | CVE-2023-46197 | Unspecified vulnerability in Supsystic Popup Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. | 6.5 |
| 2024-04-15 | CVE-2024-31421 | Unspecified vulnerability in Supsystic Popup Missing Authorization vulnerability in Supsystic Popup by Supsystic.This issue affects Popup by Supsystic: from n/a through 1.10.27. | 4.3 |
| 2024-04-12 | CVE-2024-31269 | Unspecified vulnerability in Supsystic Easy Google Maps Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps.This issue affects Easy Google Maps: from n/a through 1.11.11. | 8.8 |
| 2024-03-27 | CVE-2024-29921 | Unspecified vulnerability in Supsystic Photo Gallery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic Photo Gallery by Supsystic allows Stored XSS.This issue affects Photo Gallery by Supsystic: from n/a through 1.15.16. | 4.8 |
| 2024-01-16 | CVE-2023-6732 | Cross-site Scripting vulnerability in Supsystic Ultimate Maps The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 4.8 |