Back in August through our proactively monitoring for evidence of some high risk vulnerabilities when changes are made to WordPress plugins we found that the plugin WP Post Popup contained an arbitrary file viewing vulnerability. That was subsequently fixed. Through that same monitoring we found that the vulnerability had returned to the plugin.

The only difference from last time is that file

Share This