cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3580,https://securityvulnerability.io/vulnerability/CVE-2024-3580,Unfiltered HTML Setting Vulnerability in Popup4Phone WordPress Plugin Allows Stored Cross-Site Scripting Attacks,"The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",Wordpress,Popup4phone,,,0.0004299999854993075,false,,false,false,true,true,false,false,2024-05-17T06:00:02.530Z,0
CVE-2024-3231,https://securityvulnerability.io/vulnerability/CVE-2024-3231,Cross-Site Scripting (XSS) Vulnerability in Popup4Phone WordPress Plugin,"The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins.",Wordpress,Popup4phone,,,0.0004299999854993075,false,,false,false,true,true,false,false,2024-05-17T06:00:02.342Z,0