Lucene search
GoogleOSV:CVE-2019-17574HistoryOct 14, 2019 - 2:15 p.m.
CVE-2019-17574
2019-10-1414:15:10
Google
osv.dev
2
An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the do_action function to invoke certain popmake_ or pum_ methods, as demonstrated by controlling content and delivery of popmake-system-info.txt (aka the “support debug text file”).
| CPE | Name | Operator | Version |
|---|---|---|---|
| popup-maker | eq | 1.4.19 | |
| popup-maker | eq | 1.5.0 | |
| popup-maker | eq | 1.7.26 | |
| popup-maker | eq | 1.3.5 | |
| popup-maker | eq | 1.4.20 | |
| popup-maker | eq | 1.5.3 | |
| popup-maker | eq | 1.8.7 | |
| popup-maker | eq | 1.7.29 | |
| popup-maker | eq | 1.5.7 | |
| popup-maker | eq | 1.4.16 |
Related
nuclei
nuclei
Popup-Maker < 1.8.12 - Broken Authentication
2023-07-12 09:13:01
Popup-Maker < 1.8.12 - Broken Authentication
2023-07-12 09:13:01
cvelist
cvelist
CVE-2019-17574
2019-10-14 13:55:36
nvd
nvd
CVE-2019-17574
2019-10-14 14:15:10
cve
cve
CVE-2019-17574
2019-10-14 14:15:10
openvas
openvas
WordPress Popup Maker Plugin < 1.8.13 Authorization Bypass Vulnerability
2023-02-23 00:00:00
wpvulndb
wpvulndb
Popup-Maker < 1.8.12 - Multiple Vulnerabilities
2019-10-14 00:00:00
prion
prion
Deserialization of untrusted data
2019-10-14 14:15:00
wpexploit
wpexploit
Popup-Maker < 1.8.12 - Multiple Vulnerabilities
2019-10-14 00:00:00