📦 Modal Window

The Modal Window WordPress plugin before version 5.2.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows authenticated attackers to include arbitrary files with PHP extensions or ...

The Modal Window WordPress plugin has a stored XSS vulnerability in versions up to 6.1.5. Authenticated attackers with contributor-level access or higher can inject malicious scripts via the 'iframeBo...

This stored cross-site scripting (XSS) vulnerability in the WordPress Modal Window plugin allows attackers to inject malicious scripts into web pages that are then executed when other users view those...

This Cross-Site Request Forgery (CSRF) vulnerability in the Modal Window WordPress plugin allows attackers to trick authenticated administrators into performing bulk deletion of modals without their c...