WP-Safety

Popup Shraddha Security & Risk Analysis

wordpress.org/plugins/popup-shraddha

Popup and alert bar on top and on footer.

10 active installs v01.04.02 PHP + WP 4.0.0+ Updated Nov 25, 2021
alertpoptop-bar
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Popup Shraddha Safe to Use in 2026?

Generally Safe

Score 85/100

Popup Shraddha has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The "popup-shraddha" plugin, version 01.04.02, exhibits several significant security weaknesses. The most concerning aspect is its unprotected attack surface, with 2 out of 2 identified AJAX handlers lacking authentication checks. This opens the door for unauthenticated users to potentially trigger plugin functionality, leading to unintended actions or information disclosure. Furthermore, the code analysis reveals a complete absence of output escaping and the use of raw SQL queries without prepared statements, indicating a high risk of cross-site scripting (XSS) and SQL injection vulnerabilities. While there is no recorded vulnerability history, this does not negate the inherent risks present in the current codebase. The plugin demonstrates a poor security posture due to these fundamental misconfigurations. Users should exercise extreme caution, as the identified flaws present substantial opportunities for exploitation.

Key Concerns

  • Unprotected AJAX handlers
  • SQL queries without prepared statements
  • No output escaping
  • No nonce checks on AJAX
  • No capability checks
Vulnerabilities
None known

Popup Shraddha Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Popup Shraddha Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
0 prepared
Unescaped Output
11
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared4 total queries

Output Escaping

0% escaped11 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<form_submit> (admin\function\form_submit.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Popup Shraddha Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_popup_shraddha_reponseadmin\function\form_submit.php:2
authwp_ajax_popup_shraddha_setting_reponseadmin\function\form_submit.php:13
WordPress Hooks 6
actionadmin_menuadmin\function\admin_main_menu.php:10
actionwp_headhtml_container.php:41
actionwp_enqueue_scriptsincluding_js_css.php:4
actionwp_enqueue_scriptsincluding_js_css.php:9
actioninitindex.php:15
filterplugin_action_linksindex.php:85
Maintenance & Trust

Popup Shraddha Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedNov 25, 2021
PHP min version
Downloads1K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Popup Shraddha Alternatives

Popup Box – Easily Create WordPress Popups

Popup Box – Easily Create WordPress Popups

popup-box

A
95

Popup Box lets you create responsive, customizable WordPress popups with live preview, flexible triggers, and smart targeting to boost engagement and &hellip;

5K 4 CVEs
Popup for CF7 with Sweet Alert

Popup for CF7 with Sweet Alert

cf7-sweet-alert-popup

C
63

Popup for CF7 with Sweet Alert

3K 1 unpatched
Disclaimer Popup

Disclaimer Popup

disclaimer-popup

A
92

Disclaimer Popup is a free plugin that will help you to quickly create a disclaimer popup complete with texts and images

1K No CVEs
New Order Notification for WooCommerce

New Order Notification for WooCommerce

new-order-notification-for-woocommerce

A
100

Instant popup and sound alerts for new WooCommerce orders — never miss a sale again!

1K 1 CVE
Advanced Notifications

Advanced Notifications

advanced-notifications

A
91

Advanced Notifications allows you to create beautiful custom notifications that appear on pages or posts of your choice.

100 1 CVE
Developer Profile

Popup Shraddha Developer Profile

Er Siddharth Singh

5 plugins · 40 total installs

88
trust score
Avg Security Score
91/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Popup Shraddha

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/popup-shraddha/css/style.css/wp-content/plugins/popup-shraddha/css/font-awesome.min.css/wp-content/plugins/popup-shraddha/js/script.js
Script Paths
js/script.js
Version Parameters
popup-shraddha/css/style.css?ver=popup-shraddha/css/font-awesome.min.css?ver=popup-shraddha/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
popup_shraddha_top_barpopup_shraddha_close_top_barpopup_shraddha_middle_contanerpopup_shraddha_middle_messagepopup_shraddha_close_middle_buttonpopup_shraddha_text_containerpopup_shraddha_footer_barpopup_shraddha_close_bottom_bar
HTML Comments
<!--Top bar stat--><!--Top bar end--><!--Middle bar stat--><!--Middle bar end-->+1 more
FAQ

Frequently Asked Questions about Popup Shraddha