Does IT Popups have any unpatched vulnerabilities?

No. All known vulnerabilities in IT Popups have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is IT Popups compatible with WordPress 4.9.29?

According to WordPress.org data, IT Popups 1.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is IT Popups updated?

IT Popups was last updated on Dec 23, 2017. Frequent updates are generally a positive security signal.

What is IT Popups's security score?

IT Popups has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IT Popups Security & Risk Analysis

wordpress.org/plugins/it-popups

This is a plugin to show the content and call any SHORTCODE in popup. You can also add header and footer for the popup. Popup will open by clicking an …

10 active installs v1.0 PHP + WP 3.5+ Updated Dec 23, 2017

contactmodalpopup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is IT Popups Safe to Use in 2026?

Generally Safe

Score 85/100

IT Popups has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "it-popups" v1.0 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known CVEs, critical taint flows, and dangerous functions is a significant positive indicator. The plugin also demonstrates good practices by using prepared statements for all SQL queries and properly escaping a high percentage of its output. The limited attack surface, with only one shortcode and no unprotected entry points, further contributes to its security.

However, there are a few areas that warrant attention. The lack of nonce checks across all entry points, including the single shortcode, presents a potential weakness. While the capability check is present, the absence of nonce validation could allow for Cross-Site Request Forgery (CSRF) vulnerabilities if the shortcode performs any sensitive actions. The limited taint analysis data (0 flows analyzed) means that the absence of critical or high-severity flows might not be a definitive guarantee of safety, as a more comprehensive analysis might reveal issues.

Key Concerns

Missing nonce checks on entry points
Limited taint analysis data

Vulnerabilities

None known

IT Popups Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

IT Popups Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

91 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

93% escaped98 total outputs

Attack Surface

IT Popups Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[IT_MODAL_POPUP] it-popup.php:508

WordPress Hooks 6

actionadmin_initit-popup.php:29

actionadmin_menuit-popup.php:412

actioninitit-popup.php:510

actionwp_enqueue_scriptsit-popup.php:520

actionadmin_enqueue_scriptsit-popup.php:529

actionadmin_print_stylesit-popup.php:537

Maintenance & Trust

IT Popups Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedDec 23, 2017

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings3

Active installs10

Alternatives

IT Popups Alternatives

Popup addon for Ninja Forms

popup-addon-for-ninja-forms

Popup/Modal addon for Ninja Forms. Create beautiful popups using Ninja Forms for newsletters, login, registration forms.

1K 2 CVEs

Result Popups for CF7

result-popups-for-cf7

100

Modernize your Contact Form 7 messages with clean, customizable SweetAlert2 popups. No config needed. Just activate and enjoy.

20 No CVEs

Lightbox & Modal Popup WordPress Plugin – FooBox

foobox-image-lightbox

A responsive image lightbox for WordPress galleries, WordPress attachments & FooGallery

100K 5 CVEs

Popup Box – Create Countdown, Coupon, Video, Contact Form Popups

ays-popup-box

Build flexible popups and modal windows with multiple popup types, triggers, and display controls.

50K 17 CVEs

Popup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions

popup-anything-on-click

Create popup on a page load or Create popup by clicking link, image and button. Create popups, opt-in forms, & exit popups, floating bars and more!

30K 4 CVEs

Developer Profile

IT Popups Developer Profile

Awais Altaf

4 plugins · 1K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect IT Popups

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

it-popup-notice-blockit-popup-noticeitpop_row_titleitpop_row_title_coloritpop_row_title_bgcoloritpop_row_widthitpop_row_heightitpop_row_display_on_load+9 more

HTML Comments

Setting SectionUse Details

Data Attributes

for="itpopup_field_title"class="itpop_row_title"for="itpopup_field_title_color"class="itpop_row_title_color"for="itpopup_field_title_bgcolor"class="itpop_row_title_bgcolor"+24 more

Shortcode Output

[IT_MODAL_POPUP]

FAQ