Critical Security Issue

  • Resolved axiom28

    (@axiom28)


    2 years, 8 months ago

    Good Day, I see this issue has been reported before, however, I thought it would be useful to indicate the circumstances. The plugin was last updated 3 months ago and has not been tested with the latest version of WordPress.

    In my case the first indicator was when the client indicated the website was not online (may or may not have been the plugin). The host restored the website saying it was some plugin (wp-gol, I have no such plugin) causing a problem after the WordPress update. I went into the backend to find the payment gateway deactivated. I ran a scan with WordFence which indicated a Critical Security Issue with this plugin.

    So I have removed the popup builder plugin and looking for an alternative solution.

Viewing 3 replies - 1 through 3 (of 3 total)
  • espressivo

    (@espressivo)

    2 years, 8 months ago

    Category:PLUGIN

    Versions-Affected:<= 4.1.15

    Type:Cross Site Scripting

    Severity:MEDIUM

    Description:Dipak Panchal (th3.d1pak) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Popup Builder Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    Peter

    (@hardpeter4u)

    2 years, 8 months ago

    Hi,

    Please update your plugin. I would hate to have to switch to another as yours is the best for me.

    Thank you!!!

    Plugin Support Jawada

    (@jawada)

    2 years, 7 months ago

    Hello,

    We’re excited to announce the release of Popup Builder Version 4.2.0. We encourage you to upgrade to this latest version. If you have any inquiries or need assistance, feel free to reach out to us via our support portal. We’re here to help!

    https://help.popup-builder.com/en/

    Sincerely,

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Critical Security Issue’ is closed to new replies.