CVE-2022-0214
Published: 14 February 2022
Summary
CVE-2022-0214 is a high-severity Improper Validation of Specified Quantity in Input (CWE-1284) vulnerability in Custom Popup Builder Project Custom Popup Builder. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 16.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-15416
Vulnerability details
The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the…
more
blog
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.