Description
WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete the campaign cache. WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin version 1.2.49.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.50.0 or latest
References
https://wpscan.com/vulnerability/b9154128-2a30-450e-adc1-4c946cf9784f
https://plugins.svn.wordpress.org/mailoptin/trunk/changelog.txt
Related Vulnerabilities
Oracle Database Server SYS Account privilege issue (CVE-2021-2000)
WordPress Plugin Shopp Arbitrary File Upload (1.4)
Oracle HTTP Server CVE-2020-2952 Vulnerability (CVE-2020-2952)
MySQL CVE-2016-3521 Vulnerability (CVE-2016-3521)
WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5)