Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%
Buy Us a Coffee

Popup box — Vulnerabilities & Security Advisories 16

All 16 CVE vulnerabilities found in Popup box, with AI-generated Chinese analysis, references, and POCs.

This page aggregates vulnerability data for the popup box widget component, categorizing weaknesses by common classification standards such as CWE and tagging them by severity. It collects known security flaws ranging from cross-site scripting and injection attacks to memory corruption issues that occur within the rendering or handling of interactive modal windows. The collection spans from initial releases of the technology up to the most recently disclosed advisories, ensuring a comprehensive historical view of the product's security posture over time. Readers can utilize this resource to track a vendor's advisories as they respond to emerging threats, understand a weakness class by seeing how it manifests specifically in popup box implementations, or look up a product's vulnerability history to assess long-term maintenance quality. This aggregation serves as a neutral reference for developers, security analysts, and procurement teams who need to evaluate the risk profile of using popup box components in their software ecosystems. By centralizing these data points, the page facilitates better decision-making regarding component selection and remediation priorities. Users can filter results by date, severity, or specific vulnerability types to find relevant information quickly. The goal is to provide transparency and clarity around the security implications of this common UI element, helping stakeholders identify potential exposure areas before deployment. This approach supports proactive security management by making past issues easily accessible for trend analysis and comparative review against other similar components.

Vendor: Ays Pro

CVE IDTitleCVSSSeverityPublished
CVE-2026-57631 WordPress Popup box plugin <= 6.0.1 - SQL Injection vulnerability CWE-89 7.6 High2026-06-26
CVE-2026-54192 WordPress Popup box plugin <= 6.2.9 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2026-06-17
CVE-2025-15611 Popup Box AYS Pro < 5.5.0 - Admin+ Stored Cross-Site Scripting (XSS) via CSRF 7.1AIHighAI2026-04-07
CVE-2025-69021 WordPress Popup box plugin <= 6.0.7 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2025-12-30
CVE-2025-57931 WordPress Popup box plugin <= 5.5.4 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.3 Medium2025-10-29
CVE-2024-9599 Popup Box < 4.7.8 - Admin+ Stored XSS 4.8AIMediumAI2025-05-15
CVE-2025-24711 WordPress Popup Box Plugin <= 3.2.4 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2025-01-24
CVE-2024-37096 WordPress Popup box plugin <= 4.5.1 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-34367 WordPress Popup Box plugin <= 4.1.2 - CSRF to XSS vulnerability CWE-352 7.1 High2024-05-06
CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS 4.8 -2024-02-12
CVE-2023-5809 Popup box < 3.8.6 - Admin+ Stored XSS in Categories 4.8AIMediumAI2023-12-04
CVE-2023-5874 Popup box < 3.8.6 - Admin+ Stored XSS in Popup Settings 4.8AIMediumAI2023-12-04
CVE-2023-5343 Popup Box < 3.7.9 - Admin+ Stored XSS 4.8AIMediumAI2023-11-20
CVE-2023-4390 Popup box < 3.7.2 - Admin+ Stored Cross-Site Scripting 4.8 -2023-10-31
CVE-2023-27414 WordPress Popup box Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS) CWE-79 7.1 High2023-06-21
CVE-2021-24458 Popup box < 2.3.4 - Authenticated Blind SQL Injections CWE-89 8.8 -2021-08-02

All 16 known CVE vulnerabilities affecting Popup box with full Chinese analysis, references, and POCs where available.