Every CVE whose affected-product data names Ays-pro Popup Box, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-24458 — CVSS 8.8 (high): The get_ays_popupboxes() and get_popup_categories() functions of the Popup box WordPress plugin before 2.3.4 did not use whitelist or…
CVE-2021-24460 — CVSS 8.8 (high): The get_fb_likeboxes() function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not use whitelist or validate the…
CVE-2025-15611 — CVSS 5.4 (medium): The Popup Box WordPress plugin before 5.5.0 does not properly validate nonces in the add_or_edit_popupbox() function before saving popup…
CVE-2024-9599 — CVSS 5.4 (medium): The Popup Box WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-5809 — CVSS 4.8 (medium): The Popup box WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-5874 — CVSS 4.8 (medium): The Popup box WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-6591 — CVSS 4.8 (medium): The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-4390 — CVSS 4.8 (medium): The Popup box WordPress plugin before 3.7.2 does not sanitize and escape some Popup fields, which could allow high-privilege users such as…
CVE-2023-5343 — CVSS 4.8 (medium): The Popup box WordPress plugin before 3.7.9 does not sanitise and escape some of its settings, which could allow high privilege users such…