Click WordPress - Your one stop solution for all your WordPress Requirements

[WordPress News] Over 700,000 Websites affected due to this Popup maker plugin problem

Facebook
Pinterest
LinkedIn
Reddit
WhatsApp
Email
Print

image credits @ freepik

Popup Maker discovered with a lot of vulnerabilities!

Table of Contents

About the Vulnerabilities found in the Popup Maker Plugin:

This just in – The U.S. government National Vulnerability Database recently issued a notice explaining a Cross – Site Scripting susceptibility in the famous WordPress Plugin – The Popup Maker

The susceptibility discovered in the Popup Maker – Popup for opt-ins, lead generation and more has till now affected around 700, 000 WordPress websites and counting.

The Popup Maker Plugin integrates with a lot of WordPress & WooCommerce features likes e-mail, newsletter signups and other prominent applications.

Popup Maker Susceptibility

The susceptibility is called kept cross-site scripting (XSS).

The XSS vulnerabilities causes the site publisher to lose control over what is being published when anything is uploaded. Anywhere that an individual can input data can come to be vulnerable there is an absence of control over what can be published.

This particular susceptibility can occur when a hacker can acquire the login credentials of a customer with at least a contributor level access and begin the assault.

Security firm WP Scan (a company by Automattic) released a proof of principle that shows how the exploit works.

Citations

Read the U.S. Government National Vulnerability Database advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-4381

 

Popup Maker < 1.16.9 – Contributor+ Stored XSS via Subscription Form – https://wpscan.com/vulnerability/8bf8ebe8-1063-492d-a0f9-2f824408d0df

– The End –

Connect with us

related posts

Click WordPress is a single window support for all your WordPress related requirements. You can find exhaustive content on the following WordPress DIYs, WordPress Troubleshooting, Woocommerce, WordPress Plugins, WordPress Themes

Useful Links

Blog Categories

Pin It on Pinterest

Shares
Share This