3 matches found
CVE-2022-29445 WordPress Popup Box plugin <= 2.1.2 - Authenticated Local File Inclusion (LFI) vulnerability
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Popup Box plugin = 2.1.2 at WordPress...
CVE-2022-29445
CVE-2022-29445 affects the WordPress Popup Box plugin (versions ≤ 2.1.2). The issue is an Authenticated Local File Inclusion (LFI) vulnerability that arises because the plugin (likely in the include path logic) does not properly validate the current tab before including a file, enabling an admini...
CVE-2022-29445
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Popup Box plugin = 2.1.2 at WordPress...