Ays Pro Popup Box vulnerabilities
3 known vulnerabilities affecting ays_pro/popup_box.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1UNKNOWN1
Vulnerabilities
Page 1 of 1
CVE-2025-69021MEDIUMCVSS 5.4≤ 6.0.72025-12-30
CVE-2025-69021 [MEDIUM] CWE-352 CVE-2025-69021: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through <= 6.0.7.
cvelistv5nvd
CVE-2025-57931UNKNOWN≤ 5.5.42025-10-29
CVE-2025-57931 CWE-352 CVE-2025-57931: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through <= 5.5.4.
cvelistv5nvd
CVE-2021-24458HIGHCVSS 8.8≥ 2.3.4, < 2.3.42021-08-02
CVE-2021-24458 [HIGH] CWE-89 CVE-2021-24458: The get_ays_popupboxes() and get_popup_categories() functions of the Popup box WordPress plugin befo
The get_ays_popupboxes() and get_popup_categories() functions of the Popup box WordPress plugin before 2.3.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
cvelistv5nvd