CVE-2025-15611
The CVE-2025-15611 vulnerability affects the Popup Box WordPress plugin prior to 5.5.0, where add_or_edit_popupbox() (and variants such as add or edit popupbox) fails to validate nonces, enabling CSRF. This allows unauthenticated attackers to craft requests that, when an authenticated admin visit...