cleantalk
Vulnerabilities and Security Researches

CM Popup Plugin for WordPress – Popup Maker, bd83e4633dafac3814d85f28a03f71003eba1259

CVE, Research URL

bd83e4633dafac3814d85f28a03f71003eba1259

Home page URL

Security reports for CM Popup Plugin for WordPress – Popup Maker

Application

CM Popup Plugin for WordPress – Popup Maker

Published on
Mar 27, 2020
Research Description
CM Popup Plugin for WordPress &#8211; Popup Maker [cm-pop-up-banners] < 1.5.0 WordPress CM Pop-Up banners plugin <= 1.4.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Jeroen Mulder in WordPress CM Pop-Up banners plugin (versions <= 1.4.10).
Affected versions
Min -, max 1.5.0.
Status
vulnerable
Previous vulnerability researches
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2025-54018) , Jul 19, 2025
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2023-30750) , Jun 06, 2024
CM Popup Plugin for WordPress &#8211; Popup Maker (bd83e4633dafac3814d85f28a03f71003eba1259) , Jun 06, 2024
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2024-11202) , Nov 27, 2024
CM Popup Plugin for WordPress &#8211; Popup Maker (CVE-2025-24758) , Feb 19, 2025
New vulnerability
DB Backup (CVE-2025-50031) , Jul 19, 2025
Vchasno Kasa (CVE-2025-6720) , Jul 19, 2025
Vchasno Kasa (CVE-2025-6721) , Jul 19, 2025
Media Library Assistant (CVE-2025-7035) , Jul 19, 2025
Wallet System for WooCommerce &#8211; Digital Wallet, Cashback Rewards, Recharge User Wallets, View Transaction History (CVE-2025-54041) , Jul 19, 2025