Defective WordPress popup plugin allows attackers to inject malicious code
Security flaws in the Popup Builder plugin put thousands of websites at risk.
The security flaw affected all versions of Popup Builder up to version 3.63 and was first discovered by Ram Gall, a QA engineer at Defiant. In a blog post, Gall described how attackers could abuse the vulnerabilities found in the plugin:
“In general, an attacker could use this vulnerability to redirect site visitors to a malicious ad site or steal sensitive information from a browser, but it could also be used to take over a site if an administrator visits or previews a page containing an infected pop-up while logged in.”
Other vulnerabilities allow any logged-in user, even one with only subscriber-level privileges, to reach plugin functionality that exports subscriber lists and system configuration information, using simple POST requests to admin-post.php.
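The export issue described above is the classic admin-post.php mistake: the `admin_post_*` hooks fire for every authenticated user, so a handler that performs no authorization check of its own is reachable by a subscriber. The following is an added illustration, not Popup Builder's code; the action names, the `example_` functions and the CSV helper are hypothetical, and it shows the unprotected pattern beside a hardened handler that requires both a capability subscribers lack and a nonce bound to the action.

```php
<?php
// Added illustration, not Popup Builder's own code. Action names, function
// names and example_build_subscriber_csv() are assumptions for this example.

// Hypothetical data source standing in for the plugin's subscriber export.
function example_build_subscriber_csv() {
    return "email,list\nuser@example.test,newsletter\n";
}

// Weak pattern: admin_post_{action} runs for ANY logged-in user (subscribers
// included), so with no capability or nonce check this leaks the export to
// anyone who can send a POST to admin-post.php?action=example_export_subscribers.
add_action( 'admin_post_example_export_subscribers', 'example_export_weak' );
function example_export_weak() {
    header( 'Content-Type: text/csv' );
    echo example_build_subscriber_csv();
    exit;
}

// Hardened pattern: require a capability that subscriber accounts never have
// and a nonce tied to this specific action, so only an administrator acting
// through a link or form the site generated can trigger the export.
add_action( 'admin_post_example_export_subscribers_secure', 'example_export_secure' );
function example_export_secure() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // Dies with a 403-style error page if _wpnonce is missing or invalid.
    check_admin_referer( 'example_export_subscribers' );
    header( 'Content-Type: text/csv' );
    echo example_build_subscriber_csv();
    exit;
}

// The link the admin screen should emit; wp_nonce_url() appends the _wpnonce
// value that check_admin_referer() verifies against the same action string.
function example_export_link() {
    return wp_nonce_url(
        admin_url( 'admin-post.php?action=example_export_subscribers_secure' ),
        'example_export_subscribers'
    );
}
```

When reviewing a plugin, grep for `admin_post_` and `wp_ajax_` hooks and confirm each handler performs its own `current_user_can()` and nonce check; WordPress core does neither for you on those hooks.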
After Gall reported the bugs to the vendor, the security flaws, tracked as CVE-2020-10196 and CVE-2020-10195, were fixed in Popup Builder version 3.65.1, released by Cygnus.
However, of the plugin's more than 100,000 users, only about 33,000 have updated to the latest version. This means that more than 66,000 sites are still running older, vulnerable versions of Popup Builder, making them a target for hackers.