Platform
wordpress
Component
wp-popup-optin
Fixed in
1.4.1
CVE-2026-4131 describes a Cross-Site Scripting (XSS) vulnerability present in the WP Responsive Popup + Optin plugin for WordPress. This flaw allows unauthenticated attackers to manipulate plugin settings, potentially leading to malicious code execution on the site. The vulnerability affects versions of the plugin up to and including 1.4, and a fix is available in a subsequent release. Addressing this vulnerability is crucial to protect WordPress sites from potential compromise.
The primary impact of CVE-2026-4131 lies in the attacker's ability to modify plugin settings through Cross-Site Request Forgery (CSRF). Specifically, an attacker could alter the 'wpoimageurl' parameter, potentially injecting malicious JavaScript code. This could lead to various consequences, including redirecting users to phishing sites, stealing user credentials, or defacing the website. While the vulnerability requires tricking an administrator into performing an action, the potential for widespread impact across a WordPress site is significant, especially if administrators are frequently targeted with social engineering attacks. The lack of nonce verification makes exploitation relatively straightforward.
CVE-2026-4131 was published on April 21, 2026. There is no indication of this vulnerability being actively exploited in the wild at this time. The vulnerability is not currently listed on KEV or EPSS, suggesting a low probability of exploitation. Public Proof-of-Concept (PoC) code is not widely available, but the vulnerability's nature makes it relatively easy to exploit given administrator access.
Exploit status
EPSS
0.01% (1st percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-4131 is to upgrade the WP Responsive Popup + Optin plugin to a version that includes nonce generation and verification. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a Web Application Firewall (WAF) rule to block requests to the wpoadminpage.php endpoint without proper authentication. Additionally, educate administrators about the risks of clicking on suspicious links and performing actions without verifying the source. There are no specific Sigma or YARA rules applicable to this vulnerability, as it relies on CSRF and manipulation of plugin settings. After upgrading, confirm the fix by attempting to access the admin page and verifying that nonce fields are present and correctly validated.
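As an added illustration (not the plugin's own code), the unprotected settings-handler pattern described above beside a hardened version that uses WordPress nonce generation and verification, a capability check, and input/output sanitisation. Only the 'wpoimageurl' field name comes from the advisory; the function names, option name and nonce action are assumptions.

```php
<?php
// Added example, not the plugin's code. Apart from the 'wpoimageurl' field
// named in the advisory, all function, option and nonce names are assumed.

// Vulnerable pattern: any POST to the admin page is accepted. Nothing ties the
// request to the logged-in administrator's session, so a forged cross-site
// form submission is processed and the value is stored without sanitisation.
function wpo_save_settings_vulnerable() {
    if ( isset( $_POST['wpoimageurl'] ) ) {
        update_option( 'wpoimageurl', $_POST['wpoimageurl'] );
    }
}

// Hardened pattern: capability check, nonce verification, sanitised storage.
function wpo_save_settings_hardened() {
    if ( ! isset( $_POST['wpoimageurl'] ) ) {
        return;
    }
    // Only users permitted to manage options may change plugin settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    // Dies unless the request carries a nonce generated for this action by the
    // current user's session; a forged cross-site request cannot supply one.
    check_admin_referer( 'wpo_save_settings', 'wpo_nonce' );
    // Persist only a sanitised URL so script payloads are never stored.
    $url = esc_url_raw( wp_unslash( $_POST['wpoimageurl'] ) );
    update_option( 'wpoimageurl', $url );
}

// Settings form: the nonce field emitted here is what the handler verifies.
function wpo_render_settings_form() {
    $current = get_option( 'wpoimageurl', '' );
    echo '<form method="post">';
    wp_nonce_field( 'wpo_save_settings', 'wpo_nonce' );
    // Escape on output too, so a value stored before the fix cannot execute.
    echo '<input type="url" name="wpoimageurl" value="' . esc_attr( $current ) . '">';
    echo '<input type="submit" value="Save">';
    echo '</form>';
}
```

The post-upgrade check the advisory recommends corresponds to the hidden nonce input that wp_nonce_field() renders: if the saved form contains no such field, the handler has nothing to verify.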
No known patch available. Please review the vulnerability details in depth and apply mitigations based on your organization's risk tolerance. It may be preferable to uninstall the affected software and find a replacement.
CVE-2026-4131 is a Cross-Site Scripting (XSS) vulnerability affecting the WP Responsive Popup + Optin plugin for WordPress versions up to 1.4. It allows attackers to modify plugin settings via forged requests, potentially leading to malicious code execution.
You are affected if your WordPress site uses the WP Responsive Popup + Optin plugin and is running version 1.4 or earlier. Check your plugin version and upgrade immediately.
Upgrade the WP Responsive Popup + Optin plugin to the latest available version. If upgrading is not possible, implement a WAF rule to block suspicious requests to the admin page.
There is currently no evidence of CVE-2026-4131 being actively exploited in the wild, but the vulnerability's ease of exploitation warrants prompt mitigation.
Refer to the plugin developer's website or the WordPress plugin repository for the latest advisory and update information regarding CVE-2026-4131.