Unauthenticated Data Autoload Vulnerability in Custom Popup Builder WordPress Plugin
CVE-2022-0214 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog
Learn more about our Wordpress Pen Testing.