Does Exit-Intent Popup have any unpatched vulnerabilities?

No. All known vulnerabilities in Exit-Intent Popup have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Exit-Intent Popup compatible with WordPress 6.7.5?

According to WordPress.org data, Exit-Intent Popup 1.0.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Exit-Intent Popup compatible with PHP 7.2+?

Exit-Intent Popup requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Exit-Intent Popup updated?

Exit-Intent Popup was last updated on Apr 14, 2025. Frequent updates are generally a positive security signal.

What is Exit-Intent Popup's security score?

Exit-Intent Popup has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Exit-Intent Popup Security & Risk Analysis

wordpress.org/plugins/exit-intent-popup

A powerful exit-intent popup plugin that helps retain visitors and boost conversions by offering discounts before they leave.

60 active installs v1.0.2 PHP 7.2+ WP 5.0+ Updated Apr 14, 2025

conversiondiscountexit-intentpopupwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Exit-Intent Popup Safe to Use in 2026?

Generally Safe

Score 100/100

Exit-Intent Popup has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "exit-intent-popup" plugin v1.0.2 exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded vulnerabilities in its history, coupled with the lack of dangerous functions, raw SQL queries, file operations, or external HTTP requests, suggests a well-developed and secure codebase. The high percentage of properly escaped output further reinforces this positive assessment, minimizing the risk of cross-site scripting vulnerabilities.

However, a notable concern arises from the complete lack of nonce checks and capability checks, and a zero count for AJAX handlers and REST API routes. While the current attack surface appears minimal, this absence of security mechanisms leaves the plugin vulnerable should new entry points be introduced or existing ones be discovered. The taint analysis reporting zero flows is positive, but its completeness is questionable given the lack of detailed flow analysis.

In conclusion, the plugin demonstrates good practices in core code security. Its clean vulnerability history and minimal code signals for common risky functions are strengths. The primary weakness lies in the absence of fundamental WordPress security controls like nonces and capability checks, which, while not directly exploitable with the current attack surface, represent a significant gap that could be exploited if the attack surface expands.

Key Concerns

Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Exit-Intent Popup Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Exit-Intent Popup Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

143 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

99% escaped144 total outputs

Attack Surface

Exit-Intent Popup Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_initadmin\settings.php:53

actionadmin_menuadmin\settings.php:144

actionadmin_enqueue_scriptsadmin\settings.php:230

actionplugins_loadedexit-intent-popup.php:26

actionwp_enqueue_scriptsincludes\enqueue-scripts.php:129

actionwp_footerincludes\popup.php:13

Maintenance & Trust

Exit-Intent Popup Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedApr 14, 2025

PHP min version7.2

Downloads776

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

Exit-Intent Popup Alternatives

Hello Bar Popup Builder: Design Engaging Popups on WordPress

hellobar

100

Easily add a Popup to your WordPress site with the official HelloBar WordPress plugin.

3K No CVEs

Poptics – Popup Builder, Email Opt-ins, Exit-Intent & WooCommerce Popups Sales

poptics

Create high-converting popups, email opt-ins, exit-intent popups & WooCommerce popups to boost leads, subscribers and sales.

2K 1 CVE

Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD

cart-lift

Track abandoned carts and send automated, customizable abandoned cart recovery emails. Get more leads, reduce cart abandonment, and increase revenue.

1K 2 CVEs

Nelio Popups

nelio-popups

An intuitive popup designer based on open WordPress technologies

1K 2 CVEs

OptinCraft – Drag & Drop Optins & Popup Builder for WordPress

optincraft

100

Build stunning and high-converting optins & popups with OptinCraft, the powerful WordPress drag and drop popup builder & popup maker to boost sales.

200 No CVEs

Developer Profile

Exit-Intent Popup Developer Profile

ammarsaif

7 plugins · 290 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Exit-Intent Popup

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/exit-intent-popup/assets/css/style.css/wp-content/plugins/exit-intent-popup/assets/js/script.js

Script Paths

/wp-content/plugins/exit-intent-popup/assets/js/script.js

Version Parameters

exit-intent-popup/assets/css/style.css?ver=exit-intent-popup/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

exitpo-settings-wrapexitpo-tab-content

Data Attributes

data-tab

JS Globals

exitpo_options

FAQ