This security bulletin contains one medium risk vulnerability.
1) Improper Authorization
EUVDB-ID: #VU57927
Risk: Medium
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-39341
CWE-ID: CWE-285 - Improper Authorization
Exploit availability: No
Description
The vulnerability allows a remote attacker to bypass authorization check.
The vulnerability exists due to insufficient authorization validation within the "logged_in_or_has_api_key" function in the ~/OMAPI/RestApi.php file. A remote attacker can gain access to sensitive information and update settings.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Popups by OptinMonster – Best WordPress Lead Generation Plugin: 0.9.8, 0.9.9, 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.0.3, 1.0.0.4, 1.0.0.5, 1.0.0.6, 1.0.0.7, 1.0.0.8, 1.0.0.9, 1.1.0, 1.1.0.1, 1.1.0.2, 1.1.0.3, 1.1.0.4, 1.1.0.5, 1.1.1, 1.1.2, 1.1.2.1, 1.1.2.2, 1.1.2.3, 1.1.2.4, 1.1.2.5, 1.1.2.6, 1.1.2.7, 1.1.3, 1.1.3.1, 1.1.3.2, 1.1.3.3, 1.1.3.4, 1.1.3.5, 1.1.3.6, 1.1.3.7, 1.1.3.8, 1.1.3.9, 1.1.4, 1.1.4.2, 1.1.4.3, 1.1.4.4, 1.1.4.5, 1.1.4.6, 1.1.4.7, 1.1.5, 1.1.5.1, 1.1.5.2, 1.1.5.3, 1.1.5.4, 1.1.5.5, 1.1.5.6, 1.1.5.7, 1.1.5.8, 1.1.5.9, 1.1.6, 1.1.6.1, 1.1.6.2, 1.1.7, 1.1.8, 1.1.9, 1.2.0, 1.2.1, 1.2.2, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.4.2, 1.5.1, 1.5.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 1.6.8, 1.6.9, 1.7.0, 1.8.1, 1.8.2, 1.8.3, 1.8.4, 1.9.0, 1.9.1, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.10, 1.9.11, 1.9.12, 1.9.13, 1.9.14, 1.9.15, 1.9.16, 1.9.17, 1.9.18, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.2.1, 2.2.2, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.4.1, 2.4.2, 2.4.3, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4
CPE2.3
External links
http://www.wordfence.com/blog/2021/10/1000000-sites-affected-by-optinmonster-vulnerabilities/http://wordfence.com/vulnerability-advisories/#CVE-2021-39341http://plugins.trac.wordpress.org/browser/optinmonster/trunk/OMAPI/RestApi.php?rev=2606519#L1460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
..Support the originator by clicking the read the rest link below.