CVE-2022-29445

Name of the Vulnerable Software and Affected Versions Wow-Company's Popup Box plugin versions <= 2.1.2

Description The issue is related to an Authenticated Local File Inclusion (LFI) vulnerability. This means that an attacker with administrator or higher role privileges can potentially include and execute local files on the server. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For Wow-Company's Popup Box plugin versions <= 2.1.2, update to a version higher than 2.1.2 to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality for users with administrator or higher roles until a patch is available.