WordPress Plugin Vulnerabilities

Popup Builder – Create highly converting, mobile friendly marketing popups < 4.3.2 - Missing Authorization and Nonce Exposure

Description

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check, the nonce can be obtained from the profile page of a logged-in user. This allows subscribers to perform several actions including deleting subscribers and perform blind Server-Side Request Forgery.

Affects Plugins

Plugin icon
popup-builder
Fixed in 4.3.2

References

CVE
CVE-2023-6696
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/9f86ec30-7a9d-4c36-8559-bde331c8b958

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
8.1 (high)

Miscellaneous

Original Researcher
Lucio Sá
Verified
No
WPVDB ID
8d5ed338-ccf5-4110-94e6-c7124b280282

Timeline

Publicly Published
2024-06-14 (about 1 year ago)
Added
2024-06-14 (about 1 year ago)
Last Updated
2024-06-14 (about 1 year ago)

Other

Published
Title
Published
2023-11-14
Title
Thrive Theme Builder < 3.24.0 - Missing Authorization
Published
2025-12-25
Title
Simple File List <= 6.1.16 - Missing Authorization
Published
2023-09-01
Title
Surfer < 1.3.3.379 - Missing Authorization
Published
2024-12-12
Title
Termin-Kalender < 1.00.04 - Missing Authorization to Authenticated (Subscriber+)
Published
2023-05-23
Title
Go Pricing - WordPress Responsive Pricing Tables < 3.4 - Broken Access Control