ByteOS Network

NVD

2Vulnerabilities found

CVSS Score-6.1||MEDIUM

EPSS-0.21% / 42.77%

7 Day CHG~0.00%

Published-16 Apr, 2023 | 08:20

Updated-28 Apr, 2026 | 19:18

WordPress Homepage Pop-up Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions.

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS Score-5.4||MEDIUM

EPSS-0.10% / 27.82%

7 Day CHG~0.00%

Published-02 Feb, 2023 | 15:52

Updated-28 Apr, 2026 | 16:07

WordPress Homepage Pop-up Plugin <= 1.2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions.

Cross-Site Request Forgery (CSRF)