Supsystic: >> Popup >> 1.10.14 Security Vulnerabilities
Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through <= 1.10.19.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-12-13
Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through <= 1.10.19.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-12-09
Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through <= 1.10.29.
CVSS Score
9.1
EPSS Score
0.013
Published
2024-11-18
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19.
CVSS Score
8.8
EPSS Score
0.231
Published
2024-05-17
Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.This issue affects Popup by Supsystic: from n/a through <= 1.10.27.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-04-15
The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype.
CVSS Score
9.8
EPSS Score
0.06
Published
2023-07-17