CVE-2023-6000

Description

The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-6000
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Impact Score: 2.7
Exploitability Score: 2.8

Content on GitHub

rxerium | watchers:2

CVE-2023-6000
The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.

Refrence: GitHub

Refrence: NVD

Description​

Content on GitHub​

Description

Content on GitHub