CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
What the vulnerability does
The PopupKit plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.0. This is due to the plugin not properly verifying that a user is authorized to access the /popup/logs REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read and delete analytics data including device types, browser information, countries, referrer URLs, and campaign metrics.
Explanation of Vulnerability in Simple Terms
The Popup Builder plugin for WordPress contains an authorization flaw that allows authenticated users with low privileges to read and modify data they should not have access to. An attacker with a basic user account can view sensitive popup configuration and targeting data, and make unauthorized changes to popup settings. This affects all versions up to 2.2.0.
What an attacker can do
Read and modify popup configurations and targeting data without proper authorization.
Potential impact on your site
Unauthorized users can view and alter popup campaigns, potentially disrupting marketing efforts or exposing sensitive configuration.
Conditions required to exploit
Attacker must have a low-privilege WordPress user account (e.g., subscriber or contributor role).
Key dates
External resources
Related vulnerabilities
