Map Labs

Security vulnerability in WordPress Slick Popup Plugin

More threads by djbaxter

djbaxter

djbaxter

Administrator
Joined
Jun 28, 2012
Messages
3,778
Solutions
2
Reaction score
1,877
Privilege Escalation Flaw Present In Slick Popup Plugin
Wordfence.com
May 28, 2019

A privilege escalation vulnerability in the Slick Popup plugin, currently active on 7000 websites, has been reported. The flaw allows attackers with Subscriber-level access to create Administrator-level accounts, effectively taking over the site. We contacted the developers with the details on April 22nd and a fix has not yet been released.
Click to expand...

Read more...
 
Clarification from Wordfence:

At this time, all version of Slick Popup up to 1.7.1 are vulnerable.
Click to expand...

Slick Popup still has not released a fix.
 
You must log in or register to reply here.

Similar threads

djbaxter
Important WordPress 5.8.3 Security Release
Replies
0
Views
3K
djbaxter
djbaxter
djbaxter
Ninja Forms WordPress Plugin: High Severity Vulnerability Patched
Replies
0
Views
2K
djbaxter
djbaxter
djbaxter
WordPress: Contact Form 7 File Upload Vulnerability
Replies
0
Views
4K
djbaxter
djbaxter
djbaxter
WordPress Sites Targeted in Large-Scale Attacks
Replies
0
Views
3K
djbaxter
djbaxter
djbaxter
Zero-Day Vulnerability in ThemeREX Addons Plugin
Replies
0
Views
2K
djbaxter
djbaxter

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

Share this page

LocalU Event

LocalU Webinar

Newest Posts

Trending: Most Replies

Trending: Most Viewed

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...

  Local Search Pros Facebook

Top Bottom