๐ CVE-2020-9006 | Popup Builder Plugin up to 2.6.7.6 on WordPress Administrator Account sg_popup_ajax.php sgImportPopups attachmentUrl sql injection
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability, which was classified as critical, was found in Popup Builder Plugin up to 2.6.7.6 on WordPress. This affects the function sgImportPopups
of the file sg_popup_ajax.php of the component Administrator Account. The manipulation of the argument attachmentUrl as part of Variable leads to sql injection.
This vulnerability is uniquely identified as CVE-2020-9006. It is possible to initiate the attack remotely. There is no exploit available. ...