cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12158,https://securityvulnerability.io/vulnerability/CVE-2024-12158,Unauthorized Data Deletion in Popup Plugin for WordPress,"The Popup – MailChimp, GetResponse and ActiveCampaign Integrations plugin for WordPress is susceptible to an unauthorized data deletion vulnerability due to a missing capability check on the 'upc_delete_db_data' AJAX action. This issue affects all versions of the plugin up to and including version 3.2.6, allowing unauthenticated attackers to delete database entries associated with the plugin, potentially leading to significant data loss for users relying on this integration.",Wordpress,"Popup – Mailchimp, Getresponse And Activecampaign Intergrations",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-07T04:22:16.501Z,0
CVE-2024-12157,https://securityvulnerability.io/vulnerability/CVE-2024-12157,SQL Injection Vulnerability in Popup Plugin for WordPress by Ultimate Popup Creator,"The Popup – MailChimp, GetResponse, and ActiveCampaign Integrations plugin for WordPress contains a vulnerability that allows SQL Injection through the 'id' parameter in the 'upc_delete_db_record' AJAX action. This occurs due to improper escaping of user-supplied input and inadequate SQL query preparation. As a result, unauthenticated attackers can inject additional SQL statements, potentially allowing unauthorized access to sensitive database information.",Wordpress,"Popup – Mailchimp, Getresponse And Activecampaign Intergrations",7.5,HIGH,0.0008699999889358878,false,,false,false,true,2025-01-07T22:40:05.000Z,true,false,false,,2025-01-07T04:21:58.312Z,0