178 matches found
Popup-Maker < 1.8.12 - Broken Authentication
An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the doaction function to invoke certain popmake or pum methods, as demonstrated by controlling content and delivery of popmake-system-info.txt aka the...
CVE-2026-8848
The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.22.0. This is due to the plugin not properly verifying that a user is authorized to perform an...
CVE-2026-8848 Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder <= 1.22.0 - Missing Authorization to Authenticated (Editor+) Arbitrary Plugin Installation
The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.22.0. This is due to the plugin not properly verifying that a user is authorized to perform an...
CVE-2026-8848
Technical details are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-42544
The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.22.0. This is due to the plugin not properly verifying that a user is authorized to perform an...
CVE-2026-8848
The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.22.0. This is due to the plugin not properly verifying that a user is authorized to perform an...
WordPress plugin WowOptin: Next-Gen Popup Maker 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2024-34770
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Popup Maker Popup Maker WP popup-maker-wp allows Stored XSS.This issue affects Popup Maker WP: from n/a through = 1.3.6...
CVE-2024-2336
The Popup Maker – Popup for opt-ins, lead gen, & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
EUVD-2017-11467
Malware in sbrugna...
EUVD-2024-48053
Malicious code in bioql PyPI...
EUVD-2024-42394
Malicious code in bioql PyPI...
EUVD-2024-27290
Malicious code in bioql PyPI...
EUVD-2025-31215
Malicious code in bioql PyPI...
EUVD-2024-35040
Malicious code in bioql PyPI...
EUVD-2022-50357
Malicious code in bioql PyPI...
EUVD-2022-43049
Malicious code in bioql PyPI...
EUVD-2022-51712
Malicious code in bioql PyPI...
EUVD-2022-48673
Malicious code in bioql PyPI...
EUVD-2025-3935
Malicious code in bioql PyPI...