CVE-2024-9061

The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. NOTE: This vulnerability was partially fixed in version 1.3.5 with a nonce check, which effectively prevented access to the affected function. However, version 1.3.6 incorporates the correct authorization check to prevent unauthorized access.
Configurations

Configuration 1 (hide)

cpe:2.3:a:themehunk:wp_popup_builder:*:*:*:*:*:wordpress:*:*

History

30 Oct 2024, 21:11

Type Values Removed Values Added
CPE cpe:2.3:a:themehunk:wp_popup_builder:*:*:*:*:*:wordpress:*:*
First Time Themehunk
Themehunk wp Popup Builder
CVSS v2 : unknown
v3 : 7.3
v2 : unknown
v3 : 9.8
References () https://plugins.trac.wordpress.org/changeset/3166506/wp-popup-builder - () https://plugins.trac.wordpress.org/changeset/3166506/wp-popup-builder - Patch
References () https://www.wordfence.com/threat-intel/vulnerabilities/id/0cac1dc0-87dc-43eb-9db1-638a91200b43?source=cve - () https://www.wordfence.com/threat-intel/vulnerabilities/id/0cac1dc0-87dc-43eb-9db1-638a91200b43?source=cve - Third Party Advisory

16 Oct 2024, 16:38

Type Values Removed Values Added
Summary
  • (es) El complemento The WP Popup Builder – Popup Forms and Marketing Lead Generation para WordPress es vulnerable a la ejecución de shortcode arbitrario a través de la acción AJAX wp_ajax_nopriv_shortcode_Api_Add en todas las versiones hasta la 1.3.5 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acción que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten shortcodes arbitrarios. NOTA: Esta vulnerabilidad se solucionó parcialmente en la versión 1.3.5 con una comprobación de nonce, que impidió de manera efectiva el acceso a la función afectada. Sin embargo, la versión 1.3.6 incorpora la comprobación de autorización correcta para evitar el acceso no autorizado.

16 Oct 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-16 08:15

Updated : 2024-10-30 21:11


NVD link : CVE-2024-9061

Mitre link : CVE-2024-9061

CVE.ORG link : CVE-2024-9061


JSON object : View

Products Affected

themehunk

  • wp_popup_builder
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')