Impact
WP Magnific Popup up to version 1.0 fails to escape user-controlled link URLs before rendering them in the DOM when image load errors occur. This defect allows an authenticated Author or higher to store malicious JavaScript in the plugin’s link fields that will execute automatically when any site visitor views an affected page, potentially leaking session data, defacing content, or performing account hijack. The weakness directly maps to improper neutralization of input during web page generation, enabling client‑side code execution.
Affected Systems
The vulnerability affects the WordPress plugin WP Magnific Popup, versions 1.0 and earlier. No specific vendor or broader product family is listed beyond the plugin name, and the affected‑version range is limited to the 1.0 release. Users running this branch of the plugin are exposed; no other products are implicated by the current analysis.
Risk and Exploitability
With a CVSS base score of 5.9 the issue represents a moderate risk profile. The EPSS score is below 1%, indicating a low but non‑zero probability that the flaw is being exploited in the wild. It is not listed in the CISA KEV catalog. The attack requires an attacker to have authenticated Author or higher privileges within WordPress to inject the malicious link. Once stored, the payload can be triggered by any visiting user, creating a cross‑site scripting vector that can lead to information disclosure or session compromise.
OpenCVE Enrichment