The Popup Builder WordPress plugin is affected by security flaws that could be exploited by
More than 100,000 websites are exposed to cyber attacks that could allow attackers, to steal information, and potentially take over them.
The Popup Builder plugin is developed by Sygnoos, it allows site
Popups are used by site owners to display a broad range of information, including ads, subscription requests, and discounts.
The vulnerabilities were discovered by Ram Gall, QA Engineer at WordFence. The flaws affect all versions prior to Popup Builder 3.64.1, the most severe one is an
“On March 4th, our Threat Intelligence team discovered several vulnerabilities in Popup Builder, a WordPress plugin installed on over 100,000 sites. One vulnerability allowed an
The problem is that the hook could be abused by unprivileged users because the function it called fails nonce checks or capability checks.
“Typically, attackers use a vulnerability like this to redirect site visitors to
The experts discovered other vulnerabilities that could allow logged-in users (even with low permissions (subscriber)) to access some plugin features, such as the export of newsletter subscribers lists and system configuration info. An attacker could exploit these flaws by sending a simple POST request to admin-post.php.
The flaw tracked CVE-2020-10195 is classified as an Authenticated Settings Modification, Configuration Disclosure, and User Data Export. The issue received a CVSS Score of 6.3 (Medium).
Since Sygnoos fixed the security issues with the release of Popup Builder version 3.64.1, over 33,000 users have updated their installs, this means that over 66,000 sites are still running vulnerable versions of the plugin.
The good news is that experts are not aware of attacks in the wild that attempt to exploit the above flaws.
Unfortunately, the number of attacks attempting to exploit vulnerabilities in WordPress plugins continues to increase. Yesterday I reported the news of a critical vulnerability in WordPress plugin ‘ThemeREX Addons’ that could allow remote attackers to execute arbitrary code.
A few weeks ago researchers at NinTechNet reported an ongoing campaign that was actively exploiting a zero-day flaw in the WordPress Flexible Checkout Fields for WooCommerce plugin. Other attacks recently observed are:
I believe it is very important to protect WordPress install with dedicated solutions, I’m currently using WordFence solution, the company provided with a license to evaluate the premium features.