cleantalk
Vulnerabilities and Security Researches

CM Popup Plugin for WordPress – Popup Maker, b9d2f603-fd4a-4028-9799-7a88f2ce279c

CVE, Research URL

b9d2f603-fd4a-4028-9799-7a88f2ce279c

Home page URL

Security reports for CM Popup Plugin for WordPress – Popup Maker

Application

CM Popup Plugin for WordPress – Popup Maker

Published on
-
Research Description
CM Pop-Up &#8211; Create engaging popups to capture attention and boost interaction [cm-pop-up-banners] < 1.4.11 CM Pop-Up banners &lt; 1.4.11 - Authenticated Stored XSS When saving a new campaign, a user with edit_pages capabilities can store scripts in the campaign&rsquo;s pop-up content. The code can then be executed on every page on the website.
Affected versions
max 1.4.11.
Status
vulnerable
Previous vulnerability researches
My auctions allegro (CVE-2025-27009) , Apr 16, 2025
My auctions allegro (CVE-2024-11707) , Dec 06, 2024
My auctions allegro (CVE-2025-68567) , Jan 10, 2026
My auctions allegro (CVE-2025-68566) , Jan 10, 2026
My auctions allegro (CVE-2025-12851) , Dec 10, 2025
New vulnerability
All-In-One Security (AIOS) – Security and Firewall (4d6a4031a3cbd06a805b4c3c43fcc3b4e230a014) , Jun 16, 2026
All-In-One Security (AIOS) – Security and Firewall (cd6aef3988216292b57b1723a1244639a4507466) , Jun 16, 2026
All-In-One Security (AIOS) – Security and Firewall (adfefe17891bc731561e1dd6a68645c45ddce82b) , Jun 16, 2026
All-In-One Security (AIOS) – Security and Firewall (f57c9765198dd8a6cc7f39cac9914dece351c437) , Jun 16, 2026
All-In-One Security (AIOS) – Security and Firewall (fb95e51b7acae41ce9b6896cafc39abf51b71f69) , Jun 16, 2026