2022-12-19 13:41:48
WPScan
PUBLISHED
The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them