CVE-2022-2405
WP Popup Builder < 1.3.0 - Subscriber+ Arbitrary Popup Deletion
Public Exploits: 1
Exploited in Wild: -
Descriptions
The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated user, such as a subscriber, to delete arbitrary popups.
The WP Popup Builder plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.9. This is due to missing or incorrect nonce validation and capabilities checks on several of its functions available to unauthenticated users. This makes it possible for unauthenticated attackers to create, update, and delete popups.
Timeline
- 2022-07-14 CVE Reserved
- 2022-09-05 CVE Published
- 2024-04-18 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
- CWE-862: Missing Authorization
References (1)
URL | Date | SRC |
---|---|---|
https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917 | 2024-08-03 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Themehunk | Wp Popup Builder | < 1.2.9 | wordpress | Affected |