The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins.
Metrics
Affected Vendors & Products
References
History
Fri, 01 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: WPScan
Published: 2024-05-17T06:00:02.342Z
Updated: 2024-11-01T19:39:52.466Z
Reserved: 2024-04-02T18:52:55.087Z
Link: CVE-2024-3231

Updated: 2024-08-01T20:05:08.235Z

Status : Awaiting Analysis
Published: 2024-05-17T06:15:53.140
Modified: 2024-11-21T09:29:12.043
Link: CVE-2024-3231

No data.