CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-15867

The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.5%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://wordpress.org/plugins/slick-popup/#developers
https://wpvulndb.com/vulnerabilities/9317
https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/
https://wordpress.org/plugins/slick-popup/#developers
https://wpvulndb.com/vulnerabilities/9317
https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/

Products affected by CVE-2019-15867

Omaksolutions » Slick-Popup » Version: Any

cpe:2.3:a:omaksolutions:slick-popup:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-15867

Products

Pricing

Contact Us