9 matches found
CVE-2025-13192
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL Injection via the multiple REST API endpoints in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied...
CVE-2025-10861
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4. This is due to insufficient validation on the URLs supplied via the URL parameter...
CVE-2025-10861 Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.4 - Unauthenticated Server-Side Request Forgery
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4. This is due to insufficient validation on the URLs supplied via the URL parameter...
CVE-2025-10861
CVE-2025-10861: Unauthenticated SSRF in the WordPress plugin “Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers” affecting versions up to and including 2.1.4 due to insufficient URL validation. Exploitation could allow the server to make requests t...
CVE-2025-10861 Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.4 - Unauthenticated Server-Side Request Forgery
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4. This is due to insufficient validation on the URLs supplied via the URL parameter...
CVE-2025-10862
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on...
CVE-2025-10862
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on...
CVE-2025-10862 Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.3 - Unauthenticated SQL Injection via 'id'
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping on the 'id' parameter and lack of sufficient preparation on...
WordPress plugin Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a suite of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress...