| CVE-2024-2544 | Popup Builder <= 4.3.0 - Missing Authorization in Multiple AJAX Actions | popupbuilder | Popup Builder – Create highly converting, mobile friendly marketing popups. | High | 7.4 | 2024-06-15 02:01:58 | Deep Dive |
| CVE-2024-2506 | Popup Builder <= 4.2.7 - Authenticated(Contributor+) Stored Cross-Site Scripting via Custom JS | popupbuilder | Popup Builder – Create highly converting, mobile friendly marketing popups. | Medium | 6.4 | 2024-06-01 06:51:49 | Deep Dive |
| CVE-2024-4045 | Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation <= 2.16.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | smub | Popup Builder & Popup Maker for WordPress – OptinMonster Email Marketing and Lead Generation | Medium | 6.4 | 2024-05-25 05:36:44 | Deep Dive |
| CVE-2024-34567 | WordPress Easy Notify Lite plugin <= 1.1.29 - Cross Site Scripting (XSS) vulnerability | GhozyLab, Inc. | Popup Builder | Medium | 5.9 | 2024-05-17 06:07:58 | Deep Dive |
| CVE-2024-1945 | ARForms Form Builder <= 1.6.4 - Missing Authorization to Authenticated(Subscriber+) Arbitrary Option Deletion | reputeinfosystems | Contact Form, Survey, Quiz & Popup Form Builder – ARForms | High | 7.1 | 2024-05-02 16:51:41 | Deep Dive |
| CVE-2024-33691 | WordPress Popup Builder by OptinMonster plugin <= 2.15.3 - Cross Site Request Forgery (CSRF) Notice Dismissal vulnerability | OptinMonster Popup Builder Team | OptinMonster | Medium | 4.3 | 2024-04-26 12:50:46 | Deep Dive |
| CVE-2024-2008 | Modal Popup Box – Popup Builder, Show Offers And News in Popup <= 1.5.2 - Authenticated (Contributor+) PHP Object Injection in awl_modal_popup_box_shortcode | awordpresslife | Modal Popup Box | High | 8.8 | 2024-04-04 02:32:40 | Deep Dive |
| CVE-2024-30453 | WordPress Brave plugin <= 0.6.5 - Server Side Request Forgery (SSRF) vulnerability | Brave | Brave Popup Builder | Medium | 5.4 | 2024-03-29 16:38:15 | Deep Dive |
| CVE-2024-30184 | WordPress Popup Builder plugin <= 4.2.6 - Cross Site Scripting (XSS) vulnerability | Looking Forward Software Incorporated. | Popup Builder | Medium | 6.5 | 2024-03-27 11:48:57 | Deep Dive |
| CVE-2023-6294 | popup-builder < 4.2.6 - Admin+ SSRF & File Read | Unknown | Popup Builder | 中危 | - | 2024-02-12 16:06:01 | Deep Dive |
| CVE-2023-51532 | WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS) | Icegram | Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building | Medium | 6.5 | 2024-02-01 11:00:08 | Deep Dive |
| CVE-2023-6828 | ARForms <= 1.5.8 - Unauthenticated Stored Cross-Site Scripting via arf_http_referrer_url | reputeinfosystems | Contact Form, Survey, Quiz & Popup Form Builder – ARForms | High | 7.2 | 2024-01-11 08:32:38 | Deep Dive |
| CVE-2023-52119 | WordPress Icegram Plugin <= 3.1.18 is vulnerable to Cross Site Request Forgery (CSRF) | Icegram | Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building | Medium | 4.3 | 2024-01-05 09:28:10 | Deep Dive |
| CVE-2023-6000 | Popup Builder < 4.2.3 - Unauthenticated Stored XSS | Unknown | Popup Builder | 中危 | - | 2024-01-01 14:18:57 | Deep Dive |
| CVE-2023-32517 | WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.3 is vulnerable to Open Redirection | PluginOps | MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder | Medium | 4.7 | 2023-12-29 10:05:17 | Deep Dive |
| CVE-2023-4961 | Poptin <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | poptin | Poptin – Exit Pop Ups & Email Popups | Medium | 6.4 | 2023-10-20 07:29:22 | Deep Dive |
| CVE-2023-3226 | Popup Builder < 4.2.0 - Admin+ Stored Cross-Site Scripting | Unknown | Popup Builder | 中危 | - | 2023-09-25 15:56:52 | Deep Dive |
| CVE-2023-24003 | WordPress WP Popups Plugin <= 2.1.4.8 is vulnerable to Cross Site Scripting (XSS) | Timersys | WP Popups – WordPress Popup builder | Medium | 6.5 | 2023-04-06 08:09:15 | Deep Dive |
| CVE-2023-23980 | WordPress MailOptin Plugin <= 1.2.54.0 is vulnerable to Cross Site Scripting (XSS) | MailOptin Popup Builder Team | MailOptin | Medium | 5.9 | 2023-04-06 07:39:04 | Deep Dive |
| CVE-2023-0772 | Popup Builder by OptinMonster < 2.12.2 - Subscriber+ Arbitrary Post Content Disclosure | Unknown | Popup Builder by OptinMonster | 中危 | - | 2023-03-13 16:03:31 | Deep Dive |