cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-4961,https://securityvulnerability.io/vulnerability/CVE-2023-4961,Stored Cross-Site Scripting in Poptin Plugin for WordPress,"The Poptin plugin for WordPress, prior to version 1.3, contains a Stored Cross-Site Scripting vulnerability due to inadequate input sanitization and output escaping of user-supplied attributes in the 'poptin-form' shortcode. This flaw allows authenticated attackers with contributor-level or higher permissions to inject arbitrary web scripts into pages. These scripts could execute whenever an unsuspecting user accesses a page containing the modified form, potentially compromising user data and site integrity.",Wordpress,"Pop ups, WordPress Exit Intent Popup, Email Pop Up, Lightbox Pop Up, Spin the Wheel, Contact Form Builder – Poptin",5.4,MEDIUM,0.0006000000284984708,false,,false,false,false,,false,false,2023-10-20T08:15:00.000Z,0