Arbitrary Post Retrieval Vulnerability in Popup Builder by OptinMonster WordPress Plugin

Arbitrary Post Retrieval Vulnerability in Popup Builder by OptinMonster WordPress Plugin

CVE-2023-0772 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The Popup Builder by OptinMonster WordPress plugin before 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or even password protected ones.

Learn more about our Wordpress Pen Testing.