Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Popup | Custom Popup Builder by Unknown

    CVE-2022-0214 (GCVE-0-2022-0214)

    Vulnerability from nvd – Published: 2022-02-14 09:21 – Updated: 2024-08-02 23:18
    VLAI
    Title
    Popup | Custom Popup Builder < 1.3.1 - Unauthenticated Denial of Service
    Summary
    The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog
    Severity
    No CVSS data available.
    Assigner
    References
    URL Tags
    https://wpscan.com/vulnerability/ca2e8feb-15d6-49… exploitvdb-entrytechnical-description
    Impacted products
    Vendor Product Version
    Unknown Popup | Custom Popup Builder Affected: 0 , < 1.3.1 (custom)
    Create a notification for this product.
    Credits
    Felipe de Avila WPScan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:18:42.546Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "product": "Popup | Custom Popup Builder",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "1.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Felipe de Avila"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "WPScan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-24T09:23:05.549Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "exploit",
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Popup | Custom Popup Builder \u003c 1.3.1 - Unauthenticated Denial of Service",
          "x_generator": {
            "engine": "WPScan CVE Generator"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2022-0214",
        "datePublished": "2022-02-14T09:21:10.000Z",
        "dateReserved": "2022-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-02T23:18:42.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-0214 (GCVE-0-2022-0214)

    Vulnerability from cvelistv5 – Published: 2022-02-14 09:21 – Updated: 2024-08-02 23:18
    VLAI
    Title
    Popup | Custom Popup Builder < 1.3.1 - Unauthenticated Denial of Service
    Summary
    The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog
    Severity
    No CVSS data available.
    Assigner
    References
    URL Tags
    https://wpscan.com/vulnerability/ca2e8feb-15d6-49… exploitvdb-entrytechnical-description
    Impacted products
    Vendor Product Version
    Unknown Popup | Custom Popup Builder Affected: 0 , < 1.3.1 (custom)
    Create a notification for this product.
    Credits
    Felipe de Avila WPScan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:18:42.546Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "product": "Popup | Custom Popup Builder",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "1.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Felipe de Avila"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "WPScan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-24T09:23:05.549Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "exploit",
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Popup | Custom Popup Builder \u003c 1.3.1 - Unauthenticated Denial of Service",
          "x_generator": {
            "engine": "WPScan CVE Generator"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2022-0214",
        "datePublished": "2022-02-14T09:21:10.000Z",
        "dateReserved": "2022-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-02T23:18:42.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }