← back
CVE-2022-2115

Popup Anything < 2.1.7 - Reflected Cross-Site Scripting

EPSS 0.5%CWE-79
The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting
Affected products
Unknown · Popup Anything – A Marketing Popup and Lead Generation Conversions

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wpscan.com/vulnerability/1f0ae535-c560-4510-ae9a-059e2435ad39