cleantalk
Vulnerabilities and Security Researches

Fast & Effective Popups & Lead-Generation for WordPress – HollerBox, CVE-2023-2111

CVE, Research URL

CVE-2023-2111

Home page URL

Security reports for Fast & Effective Popups & Lead-Generation for WordPress – HollerBox

Application

Fast & Effective Popups & Lead-Generation for WordPress – HollerBox

Published on
May 30, 2023
Research Description
The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's database.
Affected versions
max 2.1.4.
Status
vulnerable
Previous vulnerability researches
Fast & Effective Popups & Lead-Generation for WordPress – HollerBox (ea1743a404554a3ca4ad07e78b195d7f0d893a95) , Jun 07, 2024
Fast & Effective Popups & Lead-Generation for WordPress – HollerBox (CVE-2023-2111) , Jun 07, 2024
Fast & Effective Popups & Lead-Generation for WordPress – HollerBox (CVE-2023-41657) , Jun 07, 2024
Fast & Effective Popups & Lead-Generation for WordPress – HollerBox (CVE-2026-48885) , Jun 06, 2026
New vulnerability
SEO Plugin by Squirrly SEO (CVE-2026-7624) , Jun 06, 2026
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates (CVE-2026-10586) , Jun 06, 2026
Fast & Effective Popups & Lead-Generation for WordPress – HollerBox (CVE-2026-48885) , Jun 06, 2026
Contact Form by WPForms – Drag & Drop Form Builder for WordPress (CVE-2026-7792) , Jun 06, 2026
Slider by Soliloquy – Responsive Image Slider for WordPress (CVE-2019-25743) , Jun 06, 2026