Popup Builder WordPress Plugin Missing Authorization Vulnerability Allows Arbitrary Settings Reset
Vulnerability
A vulnerability exists in the Popup Builder (Easy Notify Lite) WordPress plugin, all versions through 1.1.37. The issue arises from a missing capability check in the easynotify_cp_reset() function, allowing authenticated attackers with Subscriber-level access and above to reset the plugin's settings to default.
Impact
Exploitation of this vulnerability allows for unauthorized users to reset the plugin's settings, potentially disrupting any custom configurations.
Reproduction
To reproduce this vulnerability, an authenticated user with Subscriber-level access can send a request to the easynotify_cp_reset() function via the WordPress admin AJAX interface. This request can include a command to reset the settings, which will then be restored to their default values.
Remediation
No patch is currently available. Users are advised to review the vulnerability details and consider uninstalling the affected plugin.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.