Vulnerabilities > Code Atlantic > Popup Maker > 1.19.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-24 | CVE-2025-24746 | Cross-site Scripting vulnerability in Code-Atlantic Popup Maker Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Popup Maker Popup Maker allows Stored XSS. | 5.4 |
| 2024-12-12 | CVE-2024-10583 | Cross-site Scripting vulnerability in Code-Atlantic Popup Maker The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘post_title’ parameter in all versions up to, and including, 1.20.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-11-01 | CVE-2024-47358 | Missing Authorization vulnerability in Code-Atlantic Popup Maker Missing Authorization vulnerability in Popup Maker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Popup Maker: from n/a through 1.19.2. | 9.8 |