djbaxter

Administrator
Administrator
Moderator
Joined
Jun 28, 2012
Messages
3,557
Reaction score
1,731
Privilege Escalation Flaw Present In Slick Popup Plugin
Wordfence.com
May 28, 2019

A privilege escalation vulnerability in the Slick Popup plugin, currently active on 7000 websites, has been reported. The flaw allows attackers with Subscriber-level access to create Administrator-level accounts, effectively taking over the site. We contacted the developers with the details on April 22nd and a fix has not yet been released.

Read more...
 

djbaxter

Administrator
Administrator
Moderator
Joined
Jun 28, 2012
Messages
3,557
Reaction score
1,731
Clarification from Wordfence:

At this time, all version of Slick Popup up to 1.7.1 are vulnerable.

Slick Popup still has not released a fix.
 

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

Most UpVoted Answers

LocalU

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Google Product Exert


Top Bottom