Description
WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin version 1.2.19.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.20.0 or latest
References
Related Vulnerabilities
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3384)
WordPress Plugin Image News slider 'upload.php' Arbitrary File Upload (3.3)
WordPress Plugin WordPress Sentinel Multiple Vulnerabilities (1.0.0)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9481)