WordPress Popup Builder plugin <= 3.71 - Authenticated Newsletter Send With Custom Content And Sender vulnerability

Back

Product: Popup Builder
Description: Authenticated Newsletter Send With Custom Content And Sender vulnerability found by Dave Jong (WebARX Security) in WordPress Popup Builder plugin (versions <= 3.71).
Solution: Update the WordPress Popup Builder plugin to the latest available version (at least 3.72).
Classification: Type Multiple Vulnerabilities
OWASP Top 10 A7: Missing Function Level Access Control
References: Vulnerability details
Plugin changelog
CVE: Name CVE-N/A
Versions: Affected In <= 3.71
Fixed In 3.72
Disclosure date: 2021-01-28
Credits: Dave Jong (WebARX Security)

ThreatPress