CVE-2023-30750

HIGH

CM Popup Plugin for WordPress <= 1.5.10 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10.

Scores

CVSS v3 8.5
EPSS 0.0063
EPSS Percentile 45.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Details

CWE
CWE-89
Status published
Products (2)
cminds/cm_popup < 1.6.0
CreativeMindsSolutions/CM Popup Plugin for WordPress < 1.5.10
Published Dec 20, 2023
Tracked Since Feb 18, 2026