cleantalk
Vulnerabilities and Security Researches

CM Popup Plugin for WordPress – Popup Maker, b9d2f603-fd4a-4028-9799-7a88f2ce279c

CVE, Research URL

b9d2f603-fd4a-4028-9799-7a88f2ce279c

Home page URL

Security reports for CM Popup Plugin for WordPress – Popup Maker

Application

CM Popup Plugin for WordPress – Popup Maker

Published on
-
Research Description
CM Pop-Up &#8211; Create engaging popups to capture attention and boost interaction [cm-pop-up-banners] < 1.4.11 CM Pop-Up banners &lt; 1.4.11 - Authenticated Stored XSS When saving a new campaign, a user with edit_pages capabilities can store scripts in the campaign&rsquo;s pop-up content. The code can then be executed on every page on the website.
Affected versions
max 1.4.11.
Status
vulnerable
Previous vulnerability researches
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2025-54018) , Jul 19, 2025
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2023-30750) , Jun 06, 2024
CM Popup Plugin for WordPress &#8211; Popup Maker (bd83e4633dafac3814d85f28a03f71003eba1259) , Jun 06, 2024
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2024-5004) , Jun 14, 2026
CM Popup Plugin for WordPress &#8211; Popup Maker (b9d2f603-fd4a-4028-9799-7a88f2ce279c) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026