CVE-2025-24746

Medium CVSS: 6.5

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Popup Maker popup-maker allows Stored XSS.This issue affects Popup Maker: from n/a through <= 1.20.2.

Vendor

Code-atlantic

Product

Popup Maker

CWE

CWE-79

Yayın Tarihi

2025-01-24 18:15:48

Güncelleme

2026-04-23 15:25:25

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Popup Maker MEDIUM Code-atlantic 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/popup-maker/vulnerability/wordpress-popup-maker-plugin-1-20-2-cross-site-scripting-xss-vulnerability?_s_id=cve