Every CVE whose affected-product data names Custom Popup Builder Project Custom Popup Builder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-0214 — CVSS 7.5 (high): The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by…
CVE-2022-28612 — CVSS 5.4 (medium): Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS)…