Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-2405

Disclosure Date: September 26, 2022 (last updated December 22, 2024)
The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0