Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popup Builder

Vulnerabilities 22Slug popup-makerLatest version 1.22.0WordPress.org →

Minimum safe version

1.21.0

Update to 1.21.0 or later to address 22 fixable vulnerabilities

Latest available1.22.0
Medium 6.4
2025-09-26< 1.21.0

Popup Maker <= 1.20.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter

EUVDWordfenceCVE
Medium 6.4
2025-06-03< 1.20.5

Popup Maker <= 1.20.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via popupID Parameter

EUVDWordfenceCVE
N/A
2023-07-19< 1.10.0

WordPress Popup Maker Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVE
N/A
2023-03-09< 1.18.1

WordPress Popup Maker Plugin <= 1.18.0 is vulnerable to Cross Site Request Forgery (CSRF)

Patchstack
N/A
2023-03-08< 1.18.1

Popup Maker <= 1.18.0 - Cross-Site Request Forgery via init

Wordfence
Medium 5.4
2023-09-23< 1.16.9

WordPress Popup Maker Plugin < 1.16.9 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVEWPScan
Medium 5.4
2023-09-23< 1.16.9

WordPress Popup Maker Plugin < 1.16.9 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVEWordfenceWPScan
N/A
2019-02-25< 1.8.3

Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update

Wordfence
N/A
2022-09-26< 1.16.9

Popup Maker <= 1.16.8 - Authenticated (Contributor+) Cross-Site Scripting

Wordfence
N/A
< 1.8.3

Freemius Library &lt; 2.2.4 - Subscriber+ Arbitrary Option Update

WPScan