Roxnor Popup Builder With Gamification, Multi-step Popups, Page-level Targeting, And Woocommerce Triggers
5 CVEs affecting Roxnor Popup Builder With Gamification, Multi-step Popups, Page-level Targeting, And Woocommerce Triggers. Latest disclosed: 2026-02-10. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-13192 | High | 8.2 | 2026-02-05 | The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL Inject… |
CVE-2025-10861 | High | 7.5 | 2025-10-24 | The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to Server-Side Reques… |
CVE-2025-10862 | High | 7.5 | 2025-10-09 | The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in a… |
CVE-2025-14895 | Medium | 5.4 | 2026-02-10 | The PopupKit plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.0. This is due to the plugin not properly ver… |
CVE-2025-14441 | Medium | 4.3 | 2026-01-06 | The Popupkit plugin for WordPress is vulnerable to arbitrary subscriber data deletion due to missing authorization on the DELETE `/subscribers` REST API endpoi… |