Descrição
An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the do_action function to invoke certain popmake_ or pum_ methods, as demonstrated by controlling content and delivery of popmake-system-info.txt (aka the “support debug text file”).
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2019-17574
Tags
Nâo informado
Data de publicação
14/10/2019
Última atualização
08/12/2024
Pontuação em CVSS 3.0
9.1
Crítico