WP Popup Builder Popup Forms and Marketing Lead Generation 漏洞列表

共找到 2 个与 WP Popup Builder Popup Forms and Marketing Lead Generation 相关的漏洞

📅 加载漏洞趋势中...

CVE-2024-9061: WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution POC

日期: 2025-08-01 | 影响软件: WP Popup Builder Popup Forms and Marketing Lead Generation

The The WP Popup Builder Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
CVE-2024-9061: WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution POC

日期: 2025-08-01 | 影响软件: WP Popup Builder Popup Forms and Marketing Lead Generation

The The WP Popup Builder Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.