This page aggregates publicly disclosed CVE and security risk information related to custom_popup_builder_project, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-28612 | Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress. | [email protected] | 5.4 | 0.18% | 2022-06-15 | 2024-11-21 |
| CVE-2022-0214 | The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog | [email protected] | 7.5 | 1.99% | 2022-02-14 | 2024-11-21 |