cleantalk
Vulnerabilities and Security Researches

Popup Maker – Popup for opt-ins, lead gen, & more, c5aa28f4a3ad15c66fb8396a3d2622eb4d13577b

CVE, Research URL

c5aa28f4a3ad15c66fb8396a3d2622eb4d13577b

Home page URL

Security reports for Popup Maker – Popup for opt-ins, lead gen, & more

Application

Popup Maker – Popup for opt-ins, lead gen, & more

Published on
Mar 09, 2023
Research Description
Popup Maker &#8211; Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder [popup-maker] < 1.18.1 WordPress Popup Maker Plugin <= 1.18.0 is vulnerable to Cross Site Request Forgery (CSRF) Update the WordPress Popup Maker plugin to the latest available version (at least 1.18.1). Unknown discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Popup Maker Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. For example a password change which will then allow the malicious actor to login into the admin account. This vulnerability has been fixed in version 1.18.1.
Affected versions
max 1.18.1.
Status
vulnerable
Previous vulnerability researches
MapifyLite (by MapifyPro) (e5bfd53d-0d9a-42f2-8af8-5bb710bac828) , Jun 16, 2026
MapifyLite (by MapifyPro) (6be590d56cf666ad67a6e008b71242e607d966ea) , Jun 16, 2026
MapifyLite (by MapifyPro) (d7a357e358b4eb001b41f84d3531981914480734) , Jun 07, 2024
New vulnerability
Custom Order Status for WooCommerce (8e67b1e8-1172-4634-9dac-93f54297931a) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (405aa69006f803e554963210e83e3bd549a1ebe1) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (85bb2718-2228-4405-8b50-76995dbf6862) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (0f9c01caef7f6babf3ec24ce1fd97b741071e5b9) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (6d9637e162c1f4d521a590681b37fa2918babece) , Jun 16, 2026