Vulnerabilities and security researches foreasy-notify-lite easy-notify-lite
Direction: ascendingJun 06, 2024
Popup Builder # CVE-2024-34567
- CVE, Research URL
- Home page URL
- Application
- Date
- May 17, 2024
- Research Description
- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a through 1.1.29.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Jun 19, 2024
Popup Builder # CVE-2024-3236
- CVE, Research URL
- Home page URL
- Application
- Date
- Jun 17, 2024
- Research Description
- The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting attacks.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Feb 26, 2025
Popup Builder # CVE-2025-26882
- CVE, Research URL
- Home page URL
- Application
- Date
- Feb 25, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Popup Builder allows Stored XSS. This issue affects Popup Builder: from n/a through 1.1.33.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Apr 26, 2025
Popup Builder # CVE-2025-46230
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 24, 2025
- Research Description
- Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GhozyLab Popup Builder allows PHP Local File Inclusion. This issue affects Popup Builder: from n/a through 1.1.35.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable