CVE-2022-29445 – WordPress Popup Box plugin <= 2.1.2 - Authenticated Local File Inclusion (LFI) vulnerability
https://notcve.org/view.php?id=CVE-2022-29445
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress. Una vulnerabilidad de inclusión de archivos locales (LFI) autenticada (administrador o rol superior) en el plugin Popup Box de Wow-Company versiones anteriores a 2.1.2 incluyéndola, en WordPress • https://patchstack.com/database/vulnerability/popup-box/wordpress-popup-box-plugin-2-1-2-authenticated-local-file-inclusion-lfi-vulnerability https://wordpress.org/plugins/popup-box/#developers • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') CWE-706: Use of Incorrectly-Resolved Name or Reference •