Back
WordPress Popup Builder plugin <= 3.71 - Authenticated Deleting/Importing Subscribers vulnerability
- Product
- Popup Builder
- Description
- Authenticated Deleting/Importing Subscribers vulnerability found by Dave Jong (WebARX Security) in WordPress Popup Builder plugin (versions <= 3.71).
- Solution
- Update the WordPress Popup Builder plugin to the latest available version (at least 3.72).
- Classification
-
Type Multiple Vulnerabilities
OWASP Top 10 A7: Missing Function Level Access Control
- References
-
Plugin changelog
Vulnerability details
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 3.71
Fixed In 3.72
- Disclosure date
- 2021-01-28
- Credits
- Dave Jong (WebARX Security)