The Popup Manager WordPress plugin up to and including 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
popup manager project popup manager |