EIP-2026-113972
PRE-CVEWordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113972. PoCs published by Luca Schembri.
AI-analyzed exploit summary This is a technical writeup detailing a stored XSS vulnerability in the WordPress Plugin Popup Anything versions below 2.0.4. The vulnerability allows low-privileged users to inject malicious JavaScript via the 'Simple Link' field, which executes when clicked.
Description
WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploits (1)
This is a technical writeup detailing a stored XSS vulnerability in the WordPress Plugin Popup Anything versions below 2.0.4. The vulnerability allows low-privileged users to inject malicious JavaScript via the 'Simple Link' field, which executes when clicked.