Code-atlantic Popup Maker — known CVE vulnerabilities
Every CVE whose affected-product data names Code-atlantic Popup Maker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2019-17574 — CVSS 9.1 (critical): An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the…
CVE-2025-24746 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Popup Maker popup-maker…
CVE-2024-2336 — CVSS 6.4 (medium): The Popup Maker – Popup for opt-ins, lead gen, & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's…
CVE-2024-7054 — CVSS 6.4 (medium): The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder plugin for WordPress is vulnerable to…
CVE-2017-2284 — CVSS 6.1 (medium): Cross-site scripting vulnerability in Popup Maker prior to version 1.6.5 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2022-4381 — CVSS 5.4 (medium): The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a…
CVE-2024-10583 — CVSS 5.4 (medium): The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder plugin for WordPress is vulnerable to…
CVE-2022-4362 — CVSS 5.4 (medium): The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a…
CVE-2024-47358 — CVSS 5.3 (medium): Missing Authorization vulnerability in Daniel Iser Popup Maker popup-maker.This issue affects Popup Maker: from n/a through <= 1.19.2.
CVE-2022-47597 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker – Popup for opt-ins, lead gen, &…
CVE-2022-3690 — CVSS 4.8 (medium): The Popup Maker WordPress plugin before 1.16.11 does not sanitise and escape some of its Popup options, which could allow users with a role…
CVE-2022-1104 — CVSS 4.8 (medium): The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege…
CVE-2024-5561 — CVSS 4.8 (medium): The Popup Maker WordPress plugin before 1.19.1 does not sanitise and escape some of its settings, which could allow high privilege users…