Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

popupbuilder — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting popupbuilder. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Popupbuilder is a web-based platform for creating and managing pop-up advertisements and marketing campaigns. Historically, the application has been vulnerable to multiple security issues including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities. These weaknesses often stem from improper input validation and insufficient access controls. The six recorded CVEs highlight persistent security concerns, with several allowing attackers to execute arbitrary code or compromise user accounts. While no major public incidents have been widely documented, the pattern of vulnerabilities suggests potential risks for organizations using the platform, particularly those failing to implement proper security patches and input sanitization measures.

Top products by popupbuilder: Popup Builder – Create highly converting, mobile friendly marketing popups.
CVE IDTitleCVSSSeverityPublished
CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-1241 5.3 Medium2026-02-19
CVE-2025-9856 Popup Builder – Create highly converting, mobile friendly marketing popups. <= 4.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-79 6.4 Medium2025-12-13
CVE-2024-2541 Popup Builder <= 4.3.6 - Sensitive Information Exposure via Imported Subscribers CSV File — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-200 5.3 Medium2024-08-29
CVE-2023-6696 Popup Builder – Create highly converting, mobile friendly marketing popups <= 4.3.1 - Missing Authorization and Nonce Exposure — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-862 8.1 High2024-06-15
CVE-2024-2544 Popup Builder <= 4.3.0 - Missing Authorization in Multiple AJAX Actions — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-862 7.4 High2024-06-15
CVE-2024-2506 Popup Builder <= 4.2.7 - Authenticated(Contributor+) Stored Cross-Site Scripting via Custom JS — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-79 6.4 Medium2024-06-01

This page lists every published CVE security advisory associated with popupbuilder. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.