Get a Pentest and security assessment of your IT network.

Cyber Security

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites

The plugin in question is Popup Builder Responsive WordPress Pop up Subscription & Newsletter, from developer Sygnoos. The plugin has been installed on 200,000 WordPress websites. The vulnerability could be exploited by attackers to send out newsletters with custom content, or to delete or import newsletter subscribers. The issue stems from a lack of authorization for AJAX methods in the plugin. A fix has been issued in version 3.72; and the latest version is 3.73.

Source: https://threatpost.com/wordpress-pop-up-builder-plugin-flaw-plagues-200k-sites/163500/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation