CVE-2026-24616

CVE-2026-24616 concerns WP Popups: WordPress Popup Builder (Damian WP Popups wp-popups-lite) with Missing Authorization affecting versions up to 2.2.0.3, reported as Broken Access Control. Connected Red Hat and CVE records confirm the issue affects WP Popups

CVE-2026-24616

Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.3...

WordPress plugin WP Popups has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4448

Name of the Vulnerable Software and Affected Versions Damian WP Popups versions through 2.2.0.3 Description An issue exists in Damian WP Popups wp-popups-lite related to incorrectly configured access control security levels, allowing for missing authorization. The issue allows exploitation of...

WordPress WP Popups plugin <= 2.2.0.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin WP Popups versions = 2.2.0.5...