CVE-2024-0844

The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData function. This makes it possible for authenticated attackers, with administrator-level access and above, to include and execute...

Design/Logic Flaw

The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData function. This makes it possible for authenticated attackers, with administrator-level access and above, to include and execute...

CVE-2024-0844

CVE-2024-0844 affects the WordPress plugin Popup More Popups, Lightboxes, and more popup modules (version ≤ 2.2.4) and enables Local File Inclusion via ycfChangeElementData(), allowing an authenticated administrator or higher to include and execute PHP code from files ending in Form.php. Impact i...

WordPress plugin Popup More Popups, Lightboxes, and more popup modules Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-15861 · WordPress · Popup More Popups

Name of the Vulnerable Software and Affected Versions: The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress version 2.1.6 Description: The issue allows authenticated attackers with administrator-level access and above to include and execute arbitrary files ending with...