Modal window
This hub aggregates every CVE we track for Modal window, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH1
Monthly trend
0
1
0
0
0
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Modal window.
- CVE-2025-0897Modal Window <= 6.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via iframeBox Shortcode6.4
- CVE-2025-24717WordPress Modal Window Plugin <= 6.1.4 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability5.4
- CVE-2024-43346WordPress Modal Window – create popup modal window plugin <= 6.0.3 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-3472Modal Window < 5.3.10 - Modal Deletion via CSRF5.9
- CVE-2024-2457Modal Window – create popup modal window <= 5.3.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode6.4
- CVE-2023-5161Modal Window <= 5.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4
- CVE-2021-25051Modal Window < 5.2.2 - RFI leading to RCE via CSRF8.8
Product normalization is registry-driven with AI assist and human review. How it works