Security News > 2021 > January > Many WordPress Sites Affected by Vulnerabilities in 'Popup Builder' Plugin
Multiple vulnerabilities patched recently in the popular WordPress plugin Popup Builder could be exploited to perform various malicious actions on affected websites.
With over 200,000 installations to date, "Popup Builder - Responsive WordPress Pop up - Subscription & Newsletter" is a plugin that helps WordPress site owners create, customize, and manage promotion modal popups.
Discovered by researchers at website security company WebARX, the recently addressed issues are caused by the lack of authorization on most AJAX methods, and impact all Popup Builder versions up to 3.71.
The bugs, WebARX explains, exist because the AJAX methods fail to check the capability of the user, although a method to perform the check has been implemented in the plugin.
The plugin does perform the check of a nonce token, and any user - regardless of capability - who can pass the check can execute the vulnerable AJAX methods, as the nonce token is sent to all users.
WebARX' researchers have detailed some of the vulnerable methods, but refrained from publishing information on all of them, given that a large number of methods are affected.