Security vulnerability in WordPress Slick Popup Plugin

djbaxter

Administrator
Joined
Jun 28, 2012
Messages
2,732
Privilege Escalation Flaw Present In Slick Popup Plugin
Wordfence.com
May 28, 2019

A privilege escalation vulnerability in the Slick Popup plugin, currently active on 7000 websites, has been reported. The flaw allows attackers with Subscriber-level access to create Administrator-level accounts, effectively taking over the site. We contacted the developers with the details on April 22nd and a fix has not yet been released.
Read more...
 

djbaxter

Administrator
Joined
Jun 28, 2012
Messages
2,732
Clarification from Wordfence:

At this time, all version of Slick Popup up to 1.7.1 are vulnerable.
Slick Popup still has not released a fix.
 

Promoted Posts

New advertising option: a promoted post by a Sterling Sky employee reviewing your product or service; this will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More information...

Weekly Digest


Weekly Digest
Subscribe/Unsubscribe

Local Search Forum


Google Product Exert

@LocalSearchLink

Join Our Facebook Group

Top