Description
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more version 1.8.11 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.8.13 or latest
References
https://blog.redyops.com/wordpress-plugin-popup-maker/
https://plugins.svn.wordpress.org/popup-maker/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Deny All Firewall Cross-Site Request Forgery (1.1.6)
PHP Numeric Errors Vulnerability (CVE-2008-2107)
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031)
Oracle JRE CVE-2023-21830 Vulnerability (CVE-2023-21830)
WordPress Plugin AStickyPostOrderER Cross-Site Scripting (0.3.1)