Critical severity9.1NVD Advisory· Published Oct 14, 2019· Updated Jun 17, 2026
CVE-2019-17574
CVE-2019-17574
Description
An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the do_action function to invoke certain popmake_ or pum_ methods, as demonstrated by controlling content and delivery of popmake-system-info.txt (aka the "support debug text file").
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Popup Makerdescription
Patches
Vulnerability mechanics
References
3- blog.redyops.com/wordpress-plugin-popup-maker/nvdExploitThird Party Advisory
- wpvulndb.com/vulnerabilities/9907nvdThird Party Advisory
- github.com/PopupMaker/Popup-Maker/blob/master/CHANGELOG.mdnvdRelease Notes
News mentions
0No linked articles in our index yet.