Cm Popup

cm_popup

Vendor: Cminds • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-5799 1Cminds 1Cm Popup Sep 26, 2024 Sep 12, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks.
CVE-2024-5004 1Cminds 1Cm Popup Nov 21, 2024 Jul 22, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does not sanitise and escape some of the campaign settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripti...Show more The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does not sanitise and escape some of the campaign settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacksShow less
CVE-2023-30750 1Cminds 1Cm Popup Apr 28, 2026 Dec 20, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a throug...Show more Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10.Show less