Vulnerability in Popup Box
CVE-2025-15611
The Popup Box WordPress plugin before 5.5.0 does not properly validate nonces in the add_or_edit_popupbox() function before saving popup data, allowing unauthenticated attackers to perform Cross-Site Request Forgery attacks. When an authe…
EPSS: 0.000 (8.0th percentile) — read the EPSS interpretation.
Affected products
- Unknown Popup Box — versions 0
References
- wpscan.com/vulnerability/089ea763-2421-4089-a220-251421f7f226/ (exploit, vdb-entry, technical-description)