CyberSec.Space Logo
Back to CVE Browser

CVE-2021-25082

HIGH
8.8
CVSS Severity Score
EPSS Score0.0890%
EPSS Percentile26.69th
PublishedFeb 21, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

The Popup Builder WordPress plugin before 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, since the beginning of the string can be controlled, the issue can lead to RCE vulnerability via wrappers such as PHAR

Affected Platforms (CPE)

πŸ“¦
Sygnoos

Popup Builder

< 4.0.7

References & Advisories

πŸ”— https://plugins.trac.wordpress.org/changeset/2659117
πŸ”— https://wpscan.com/vulnerability/0f90f10c-4b0a-46da-ac1f-aa6a03312132
πŸ”— https://plugins.trac.wordpress.org/changeset/2659117
πŸ”— https://wpscan.com/vulnerability/0f90f10c-4b0a-46da-ac1f-aa6a03312132

Related Vulnerabilities

CVE-2019-146959.8

A SQL injection vulnerability exists in the Sygnoos Popup Builder plugin before 3.45 for WordPress. Successful exploitation of thi...

CVE-2020-90069.8

The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_...

CVE-2020-101956.3

The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope ...

CVE-2020-101966.1

An XSS vulnerability in the popup-builder plugin before 3.64.1 for WordPress allows remote attackers to inject arbitrary JavaScrip...