cleantalk
Vulnerabilities and Security Researches

Popup Box – Best WordPress Popup Plugin, CVE-2026-54192

CVE, Research URL

CVE-2026-54192

Home page URL

Security reports for Popup Box – Best WordPress Popup Plugin

Application

Popup Box – Best WordPress Popup Plugin

Published on
Jun 17, 2026
Research Description
Unauthenticated Cross Site Scripting (XSS) in Popup box <= 6.2.9 versions.
Affected versions
max 6.3.0.
Status
vulnerable
Previous vulnerability researches
Web Push Notifications by PushEngage: WordPress Push Notifications to Supercharge Your Engagement (CVE-2026-52698) , Jun 19, 2026
New vulnerability
WP Scraper (CVE-2025-69129) , Jun 19, 2026
WP Scraper (CVE-2025-69131) , Jun 19, 2026
UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress (CVE-2026-12102) , Jun 19, 2026
Popup Box &#8211; Best WordPress Popup Plugin (CVE-2026-54192) , Jun 19, 2026
Simple Membership (CVE-2026-12093) , Jun 19, 2026