| CVE-2025-4205 | Popup Maker <= 1.20.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via popupID Parameter | danieliser | Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder | Medium | 6.4 | 2025-06-03 11:22:26 | Deep Dive |
| CVE-2024-10504 | ARForms Builder < 1.7.1 - Unauthenticated Stored XSS | Unknown | Contact Form, Survey, Quiz & Popup Form Builder | - | - | 2025-05-15 20:06:44 | Deep Dive |
| CVE-2025-2011 | Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter | averta | Depicter — Popup & Slider Builder | High | 7.5 | 2025-05-06 09:21:49 | Deep Dive |
| CVE-2025-46230 | WordPress Popup Builder plugin <= 1.1.35 - Local File Inclusion Vulnerability | GhozyLab | Popup Builder | High | 7.5 | 2025-04-24 16:08:30 | Deep Dive |
| CVE-2025-26882 | WordPress Popup Builder plugin <= 1.1.33 - Cross Site Scripting (XSS) vulnerability | GhozyLab | Popup Builder | Medium | 6.5 | 2025-02-25 14:17:52 | Deep Dive |
| CVE-2024-56298 | WordPress Pretty Simple Popup Builder Plugin <= 1.0.9 - Stored Cross Site Scripting (XSS) vulnerability | Rob @ 5 Star Plugins | Pretty Simple Popup Builder | Medium | 5.9 | 2025-01-07 10:49:09 | Deep Dive |
| CVE-2024-10583 | Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder <= 1.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | danieliser | Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder | Medium | 5.4 | 2024-12-12 06:46:34 | Deep Dive |
| CVE-2024-9428 | Popup Builder < 4.3.5 - Admin+ Stored XSS | Unknown | Popup Builder | 中危 | - | 2024-12-12 06:00:19 | Deep Dive |
| CVE-2024-4633 | Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.2.1- Authenticated (Author+) Stored Cross-Site Scripting | averta | Depicter — Popup & Slider Builder | Medium | 6.4 | 2024-12-06 13:45:20 | Deep Dive |
| CVE-2024-52382 | WordPress Matix Popup Builder plugin <= 1.0.0 - Arbitrary Option Update to Privilege Escalation vulnerability | medmatech | Matix Popup Builder | Critical | 9.8 | 2024-11-14 17:38:29 | Deep Dive |
| CVE-2024-9061 | WP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add | themehunk | WP Popup Builder – Popup Forms and Marketing Lead Generation | High | 7.3 | 2024-10-16 07:31:49 | Deep Dive |
| CVE-2024-2541 | Popup Builder <= 4.3.6 - Sensitive Information Exposure via Imported Subscribers CSV File | popupbuilder | Popup Builder – Create highly converting, mobile friendly marketing popups. | Medium | 5.3 | 2024-08-29 12:31:09 | Deep Dive |
| CVE-2024-43337 | WordPress Brave plugin <= 0.7.0 - Cross Site Request Forgery (CSRF) vulnerability | Brave | Brave Popup Builder | Medium | 4.3 | 2024-08-26 20:34:03 | Deep Dive |
| CVE-2024-7054 | Popup Maker <= 1.19.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | danieliser | Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder | Medium | 6.4 | 2024-08-20 10:58:30 | Deep Dive |
| CVE-2024-4389 | Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload | averta | Depicter — Popup & Slider Builder | High | 8.8 | 2024-08-14 08:29:44 | Deep Dive |
| CVE-2024-39626 | WordPress Pretty Simple Popup Builder plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability | Rob @ 5 Star Plugins | Pretty Simple Popup Builder | Medium | 5.9 | 2024-08-01 22:32:47 | Deep Dive |
| CVE-2024-6555 | WP Popups – WordPress Popup builder <= 2.2.0.1 - Unauthenticated Full Path Disclosure | timersys | WP Popups – WordPress Popup builder | Medium | 5.3 | 2024-07-12 05:32:38 | Deep Dive |
| CVE-2024-4390 | Depicter <= 3.0.2 - Authenticated (Contributor+) Arbitrary Nonce Generation | averta | Depicter — Popup & Slider Builder | Medium | 6.5 | 2024-06-20 03:37:23 | Deep Dive |
| CVE-2024-3236 | Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS | Unknown | Popup Builder | - | - | 2024-06-17 06:00:01 | Deep Dive |
| CVE-2023-6696 | Popup Builder – Create highly converting, mobile friendly marketing popups <= 4.3.1 - Missing Authorization and Nonce Exposure | popupbuilder | Popup Builder – Create highly converting, mobile friendly marketing popups. | High | 8.1 | 2024-06-15 02:02:01 | Deep Dive |