Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress.CreditsVulnerability discovered by 0xB9 (Patchstack Alliance)Referenceshttps://wordpress.org/plugins/popup-box/#developershttps://patchstack.com/database/vulnerability/popup-box/wordpress-popup-box-plugin-2-1-2-authenticated-local-file-inclusion-lfi-vulnerability
