Every CVE whose affected-product data names Supsystic Popup, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2023-3186 — CVSS 9.8 (critical): The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject…
CVE-2024-52434 — CVSS 9.1 (critical): Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue…
CVE-2021-24275 — CVSS 6.1 (medium): The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an…
CVE-2023-39997 — CVSS 5.3 (medium): Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security…
CVE-2022-0424 — CVSS 5.3 (medium): The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing…
CVE-2023-51353 — CVSS 5.3 (medium): Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access…
CVE-2023-46197 — CVSS 5.3 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows…
CVE-2024-31421 — CVSS 4.3 (medium): Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.This issue affects Popup by Supsystic: from n/a…
CVE-2017-20065 — CVSS 4.3 (medium): A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The…