Vulnerabilities and Security Researches

Vulnerabilities and security researches foreasy-modal easy-modal

Direction: ascending

Jun 07, 2024

Easy Modal # CVE-2017-12947

CVE, Research URL: CVE-2017-12947
Home page URL: Security reports for Easy Modal
Application: Easy Modal
Date: Aug 18, 2017
Research Description: classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
Affected versions: max 2.1.0.
Status: vulnerable

Easy Modal # CVE-2017-12946

CVE, Research URL: CVE-2017-12946
Home page URL: Security reports for Easy Modal
Application: Easy Modal
Date: Aug 18, 2017
Research Description: classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
Affected versions: max 2.1.0.
Status: vulnerable

Jan 27, 2026

Easy Modal # CVE-2026-24617

CVE, Research URL: CVE-2026-24617
Home page URL: Security reports for Easy Modal
Application: Easy Modal
Date: Jan 23, 2026
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Easy Modal easy-modal allows Stored XSS.This issue affects Easy Modal: from n/a through <= 2.1.0.
Affected versions: max 2.1.0.
Status: vulnerable