Description
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more version 1.8.11 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.8.13 or latest
References
https://blog.redyops.com/wordpress-plugin-popup-maker/
https://plugins.svn.wordpress.org/popup-maker/trunk/readme.txt
Related Vulnerabilities
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)
phpMyFAQ Other Vulnerability (CVE-2004-2257)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5062)
Nginx Improper Certificate Validation Vulnerability (CVE-2021-3618)
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070)