Approved changes feed: RSS · Atom
cpe:2.3:a:cminds:cm_popup:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Cminds (b5402bde-9543-59be-8aae-b9b2097f562f) |
|---|---|
| Product | Cm Popup (ece483fc-e3bf-526e-9e46-d9f81d9b620a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wp-plugins/cm-pop-up-banners |
purl2cpe | 2026-06-01 10:15:33.716127 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-5799 |
vulnerable | 2026-06-03 14:57:54.253009 |
CM Pop-Up Banners for WordPress < 1.7.3 - Contributor+ Stored XSS
The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks.
Published: 2024-09-12T06:00:02.912Z
Updated: 2024-09-12T17:57:42.676Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5004 |
vulnerable | 2026-06-03 14:57:51.456310 |
CM Popup Plugin for WordPress < 1.6.6 - Contributor+ Stored XSS
The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does not sanitise and escape some of the campaign settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks
Published: 2024-07-22T06:00:01.790Z
Updated: 2024-08-01T20:55:10.410Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-30750 |
vulnerable | 2026-06-03 14:51:53.614640 |
WordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL Injection
HIGH (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10.
Published: 2023-12-20T17:06:20.367Z
Updated: 2026-04-28T16:08:19.313Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.