EPSS
Percentile
85.2%
SQL injection (SQLi) vulnerability discovered by ZeroAuth in WordPress Popup Builder plugin (versions <= 2.6.7.6).
Update the WordPress Popup Builder plugin to the latest available version (at least 3.0.2)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9006
wordpress.org/plugins/popup-builder/#developers
zeroauth.ltd/blog/2020/02/16/cve-2020-9006-popup-builder-wp-plugin-sql-injection-via-php-deserialization/