cleantalk
Vulnerabilities and Security Researches

Popup Box – Best WordPress Popup Plugin, CVE-2025-69021

CVE, Research URL

CVE-2025-69021

Home page URL

Security reports for Popup Box – Best WordPress Popup Plugin

Application

Popup Box – Best WordPress Popup Plugin

Published on
Dec 30, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through <= 6.0.7.
Affected versions
max 6.0.8.
Status
vulnerable
Previous vulnerability researches
Popup Box &#8211; Best WordPress Popup Plugin (CVE-2024-37096) , Jun 24, 2024
Popup Box &#8211; Best WordPress Popup Plugin (CVE-2026-54192) , Jun 19, 2026
Popup Box &#8211; Best WordPress Popup Plugin (CVE-2024-9599) , May 19, 2025
Popup Box &#8211; Best WordPress Popup Plugin (f76ca70e36e5617655fc90029c18e6f94ba010fc) , Jun 16, 2026
Popup Box &#8211; Best WordPress Popup Plugin (bd2e0643-c83b-4ca6-9332-66e4c49252ba) , Jun 16, 2026
New vulnerability
WP Travel Gutenberg Blocks (CVE-2026-54808) , Jun 19, 2026
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-12157) , Jun 19, 2026
Advanced Import : One Click Import for WordPress or Theme Demo Data (CVE-2026-4328) , Jun 19, 2026
Falang multilanguage for WordPress (CVE-2026-54805) , Jun 19, 2026
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2026-54803) , Jun 19, 2026