WP-Safety

Page Popup Security & Risk Analysis

wordpress.org/plugins/page-popup

Page popup plugin for popup, provide a simple and fast popup for wordpress website.

10 active installs v1.0.0 PHP 5.6+ WP 4.6+ Updated Feb 6, 2020
page-popuppop-uppopuppopupswordpress-popup
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Page Popup Safe to Use in 2026?

Generally Safe

Score 85/100

Page Popup has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

This plugin exhibits a strong security posture based on the static analysis. The absence of an attack surface, dangerous functions, file operations, and external HTTP requests is highly commendable. The extensive use of prepared statements for SQL queries and the high percentage of properly escaped output further reinforce this positive assessment. The presence of a nonce check is also a good sign of implemented security measures.

However, the taint analysis reveals two flows with unsanitized paths. While these are not categorized as critical or high severity, they still represent potential vulnerabilities that could be exploited if an attacker can inject malicious data into these specific paths. The complete lack of vulnerability history is a positive indicator, suggesting the plugin has not had publicly disclosed security issues.

In conclusion, the 'page-popup' v1.0.0 plugin demonstrates excellent foundational security practices. The main area of concern lies within the taint analysis findings. While the severity is currently low, these unsanitized paths should be addressed to eliminate any potential risk, especially as the plugin evolves. The plugin's strengths far outweigh its weaknesses, but proactive mitigation of the identified taint flows is recommended for continued robust security.

Key Concerns

  • Flows with unsanitized paths found in taint analysis
Vulnerabilities
None known

Page Popup Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Page Popup Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Page Popup Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
20 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

87% escaped23 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
settings_page (includes\class-wordpress-popup-plugin-settings.php:444)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Page Popup Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 11
actioninitincludes\class-wordpress-popup-plugin-settings.php:64
actionadmin_initincludes\class-wordpress-popup-plugin-settings.php:67
actionadmin_menuincludes\class-wordpress-popup-plugin-settings.php:70
actionwp_enqueue_scriptsincludes\class-wordpress-popup-plugin.php:126
actionwp_enqueue_scriptsincludes\class-wordpress-popup-plugin.php:127
actionadmin_enqueue_scriptsincludes\class-wordpress-popup-plugin.php:130
actionadmin_enqueue_scriptsincludes\class-wordpress-popup-plugin.php:131
actioninitincludes\class-wordpress-popup-plugin.php:140
actionadd_meta_boxesincludes\wordpress-popup-plugin-metabox.php:6
actionsave_postincludes\wordpress-popup-plugin-metabox.php:51
actionwp_footertemplate\popup_temp.php:26
Maintenance & Trust

Page Popup Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedFeb 6, 2020
PHP min version5.6
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Page Popup Alternatives

Popup Builder – Create highly converting, mobile friendly marketing popups.

Popup Builder – Create highly converting, mobile friendly marketing popups.

popup-builder

B
76

Increase Sales, Lead Generation, Conversion rates and receive good Call to Action rates with smart WordPress popup plugin.

200K 23 CVEs
Popup Box – Create Countdown, Coupon, Video, Contact Form Popups

Popup Box – Create Countdown, Coupon, Video, Contact Form Popups

ays-popup-box

A
89

Build flexible popups and modal windows with multiple popup types, triggers, and display controls.

50K 18 CVEs
Brave Popup Builder – Popup, Optins, Lead Generation, Survey & Interactive Content

Brave Popup Builder – Popup, Optins, Lead Generation, Survey & Interactive Content

brave-popup-builder

A
92

The best drag-and-drop Popup Builder for WordPress. Create Popups, exit-intent popups, slide-ins, and lead generation forms & Woocommerce popups i …

20K 5 CVEs
Poptin – Exit Pop Ups & Email Popups

Poptin – Exit Pop Ups & Email Popups

poptin

A
100

Free exit intent popup builder, gamified popups with spin the wheel, contact form builder & lead generation pop ups platform for your website. 🎉

20K 1 CVE
Pop-up

Pop-up

pop-up-pop-up

A
99

Pop-up Popups

10K 2 CVEs
Developer Profile

Page Popup Developer Profile

creativeencode

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Page Popup

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/page-popup/includes/lib/jquery.validate.min.js/wp-content/plugins/page-popup/includes/lib/settings.js
Script Paths
/wp-content/plugins/page-popup/includes/lib/jquery.validate.min.js/wp-content/plugins/page-popup/includes/lib/settings.js
Version Parameters
page-popup/includes/lib/jquery.validate.min.js?ver=1.0.0page-popup/includes/lib/settings.js?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes
wpp_settings
HTML Comments
<!-- Settings class file. --><!-- Settings class. --><!-- Constructor function. --><!-- Initialise settings -->+5 more
Data Attributes
data-page-popup-settings
JS Globals
var wpp_validatorvar wpp_settings
FAQ

Frequently Asked Questions about Page Popup