Themehunk

Wp Popup Builder

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-62902

  • EPSS 0.06%
  • Veröffentlicht 27.10.2025 01:33:50
  • Zuletzt bearbeitet 20.01.2026 15:18:03

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk WP Popup Builder wp-popup-builder allows Retrieve Embedded Sensitive Data.This issue affects WP Popup Builder: from n/a through <= 1.3.6.

9.8

CVE-2024-9061

  • EPSS 89%
  • Veröffentlicht 16.10.2024 08:15:07
  • Zuletzt bearbeitet 30.10.2024 21:11:17

The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to ...

6.1

CVE-2022-2404

Exploit
  • EPSS 0.22%
  • Veröffentlicht 26.09.2022 13:15:10
  • Zuletzt bearbeitet 21.05.2025 20:15:26

The WP Popup Builder WordPress plugin before 1.2.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

4.3

CVE-2022-2405

Exploit
  • EPSS 0.08%
  • Veröffentlicht 26.09.2022 13:15:10
  • Zuletzt bearbeitet 21.05.2025 20:15:26

The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup