Flawed WordPress popup plugin allows attackers to inject malicious code

Vulnerabilities have been discovered in a popular WordPress plugin called Popup Builder which could allow unauthenticated attackers to inject malicious JavaScript code into popups in order to steal information and even potentially take full control over targeted sites.

The plugin gives site owners the ability to create, deploy and manage customizable popups using a range of different content from HTML and JavaScript code to images and videos. Sygnoos, the developer of Popup Builder, says that businesses can utilize it to increase their sales and revenue through its smart popups that can be used to display ads, subscription requests, discounts and other promotional content.

Source Article

Frederic M. Kolodziej

Next Post

Apple probably doesn’t know how to fix your broken Mac Pro

Mon Mar 16 , 2020
That’s according to a report at Apple Insider, which reveals that many of Apple’s employees are still not trained to deal with Mac Pro problems more than three months after its initial release. One employee it came into contact didn’t even know how to power it –  attempting to power […]