WordPress Plugin Popup Builder-Create highly converting mobile friendly marketing popups Multiple Vulnerabilities - CVE-2020-10195 - Vulnerability Database

WordPress Plugin Popup Builder-Create highly converting mobile friendly marketing popups Multiple Vulnerabilities - CVE-2020-10195

High
Reference: CVE-2020-10195
Title: WordPress Plugin Popup Builder-Create highly converting mobile friendly marketing popups Multiple Vulnerabilities
Overview:

WordPress Plugin Popup Builder-Create highly converting mobile friendly marketing popups is prone to multiple vulnerabilities including cross-site scripting and security bypass. Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site to steal cookie-based authentication credentials or to perform otherwise restricted actions and subsequently export a list of newsletter subscribers reveal potentially sensitive system configuration information or grant themselves a number of permissions. WordPress Plugin Popup Builder-Create highly converting mobile friendly marketing popups version 3.63 is vulnerable prior versions may also be affected.