ThreatPress

WordPress Vulnerability Database

Back

WordPress Popup Builder plugin <= 3.71 - Authenticated Newsletter Send With Custom Content And Sender vulnerability

Product
Popup Builder
Description
Authenticated Newsletter Send With Custom Content And Sender vulnerability found by Dave Jong (WebARX Security) in WordPress Popup Builder plugin (versions <= 3.71).
Solution
Update the WordPress Popup Builder plugin to the latest available version (at least 3.72).
Classification
Type Multiple Vulnerabilities
OWASP Top 10 A7: Missing Function Level Access Control
References
Vulnerability details
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 3.71
Fixed In 3.72
Disclosure date
2021-01-28
Credits
Dave Jong (WebARX Security)