CVE-2025-68502 WordPress JetPopup plugin <= 2.0.20.1 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup jet-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetPopup: from n/a through = 2.0.20.1...

CVE-2025-53993 WordPress JetPopup plugin <= 2.0.15 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through = 2.0.15...

CVE-2025-53993 WordPress JetPopup plugin <= 2.0.15 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through = 2.0.15...

CVE-2025-53994

CVE-2025-53994 : Crocoblock JetPopup is affected up to version 2.0.15. The issue is a DOM-based Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation. Remediation: update to a version later than 2.0.15 (per PT-2025-29738).

CVE-2025-26944 WordPress JetPopup plugin <= 2.0.11 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through = 2.0.11...

CVE-2025-26944 WordPress JetPopup plugin <= 2.0.11 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through = 2.0.11...

WordPress JetPopup Plugin <= 2.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetPopup Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.2.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID c8612eac8fc1 Credits Rafie Muhammad Patchstack...

WordPress JetPopup Plugin <= 2.0.2 is vulnerable to Broken Access Control

Software JetPopup Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 023e24c3cead Credits Rafie Muhammad Patchstack Require...