cbcvebase.
CVE-2020-10195
published 2020-03-13

CVE-2020-10195: The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via…

PriorityP336medium6.3CVSS 3.1
AVNACLPRLUINSUCLILAL
EPSS
1.09%
61.2th percentile
The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php. By sending a POST request to wp-admin/admin-post.php, an authenticated attacker with minimal (subscriber-level) permissions can modify the plugin's settings to allow arbitrary roles (including subscribers) access to plugin functionality by setting the action parameter to sgpbSaveSettings, export a list of current newsletter subscribers by setting the action parameter to csv_file, or obtain system configuration information including webserver configuration and a list of installed plugins by setting the action parameter to sgpb_system_info.

Affected

1 ranges
VendorProductVersion rangeFixed in
sygnoospopup_builder< 3.64.13.64.1

CVSS provenance

nvdv3.16.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.