The WordPress Popup Builder Vulnerability

The WordPress Popup Builder Vulnerability

Author: Lyon

Date: April 26, 2020 

Category: Maintenance, Performance, Security

wprssaggregator The WordPress Popup Builder Vulnerability

Malicious JavaScript code can be injected into Popups

Several security flaws have been uncovered in the Popup Builder plugin code. Currently, this plugin has more than 200,000 active installs. Many site owners are still unaware of the issue. This plugin is regularly updated and maintained by the authors. However, it took them 7 days to release the patched version of the plugin. Meanwhile, many sites were exploited by hackers and those using an outdated version of the plugin are still at risk.

One of the vulnerabilities tracked as CVE-2020-10196, can be used to collect the list of subscribers. Apart from that,

This is the first part of the original article by Lyon.
Click here to read the full article in a new tab!


The WordPress Popup Builder Vulnerability

World of WordPress is hosted by:

Servebolt: next level high performance hosting.

While others try to add more components to their hosting to make it go faster, we decided to build our hosting cloud fast from the ground up. We did so by stripping out everything we knew was deadweight.


toolset logo tag line white The WordPress Popup Builder Vulnerability