Popup

popup

Vendor: Supsystic • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-39997 1Supsystic 1Popup Apr 28, 2026 Dec 13, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through 1.10.19.
CVE-2023-51353 1Supsystic 1Popup Apr 29, 2026 Dec 9, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through <= 1....Show more Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through <= 1.10.19.Show less
CVE-2024-52434 1Supsystic 1Popup Apr 23, 2026 Nov 18, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through <= 1.10.29.
CVE-2023-46197 1Supsystic 1Popup Apr 28, 2026 May 17, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10...Show more Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19.Show less
CVE-2024-31421 1Supsystic 1Popup Apr 23, 2026 Apr 15, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.This issue affects Popup by Supsystic: from n/a through <= 1.10.27.
CVE-2023-3186 1Supsystic 1Popup Nov 21, 2024 Jul 17, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype.
CVE-2017-20065 1Supsystic 1Popup Nov 21, 2024 Jun 20, 2022 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remot...Show more A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2022-0424 1Supsystic 1Popup Nov 21, 2024 May 9, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users
CVE-2021-24275 1Supsystic 1Popup Nov 21, 2024 May 5, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
CVE-2016-10915 1Supsystic 1Popup Nov 21, 2024 Aug 20, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF.