Does PopupNotifix have any unpatched vulnerabilities?

No. All known vulnerabilities in PopupNotifix have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is PopupNotifix compatible with WordPress 6.8.5?

According to WordPress.org data, PopupNotifix 1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is PopupNotifix updated?

PopupNotifix was last updated on Sep 10, 2025. Frequent updates are generally a positive security signal.

What is PopupNotifix's security score?

PopupNotifix has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PopupNotifix Security & Risk Analysis

wordpress.org/plugins/popupnotifix

A lightweight WordPress plugin to display customizable popup notifications.

0 active installs v1.0 PHP + WP 6.0+ Updated Sep 10, 2025

lightboxmarketingnotificationpopuppromo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is PopupNotifix Safe to Use in 2026?

Generally Safe

Score 100/100

PopupNotifix has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The "popupnotifix" v1.0 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL queries, exclusively using prepared statements, and all output is properly escaped, indicating a robust defense against common injection and cross-site scripting (XSS) vulnerabilities stemming from these areas. The absence of file operations, external HTTP requests, and bundled libraries further reduces the attack surface. The plugin's vulnerability history is also clean, with no recorded CVEs, suggesting a history of secure development or a lack of targeted exploitation. However, a significant concern arises from its "attack surface" analysis. All four identified AJAX handlers lack authentication checks. This means any unauthenticated user can potentially trigger these handlers, leading to unintended actions or information disclosure if these handlers perform sensitive operations. While taint analysis found no unsanitized flows, the lack of proper authorization on AJAX endpoints is a critical oversight that exposes the plugin to potential abuse by unauthorized users.

Key Concerns

AJAX handlers without authentication checks

Vulnerabilities

None known

PopupNotifix Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

PopupNotifix Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

43 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped43 total outputs

Attack Surface

4 unprotected

PopupNotifix Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 4

authwp_ajax_popup_notifix_track_viewpopupnotifix.php:88

noprivwp_ajax_popup_notifix_track_viewpopupnotifix.php:89

authwp_ajax_popup_notifix_track_clickpopupnotifix.php:97

noprivwp_ajax_popup_notifix_track_clickpopupnotifix.php:98

WordPress Hooks 8

actionadmin_menuincludes\admin-settings.php:7

actionadmin_initincludes\admin-settings.php:21

actionadmin_menuincludes\analytics-dashboard.php:7

actioninitincludes\cpt-popup-notifix.php:60

actionadd_meta_boxesincludes\cpt-popup-notifix.php:62

actionsave_postincludes\cpt-popup-notifix.php:175

actionwp_enqueue_scriptspopupnotifix.php:40

actionwp_footerpopupnotifix.php:106

Maintenance & Trust

PopupNotifix Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 10, 2025

PHP min version

Downloads200

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

PopupNotifix Alternatives

Themify Popup

themify-popup

Turn visitors into subscribers and increase sale conversions! Use Popup to show newsletter forms, promotions, or lightbox content.

9K 1 CVE

WP Live Social-Proof

wp-real-time-social-proof

100

The best animated, live, social-proof plugin for WooCommerce, Easy Digital Downloads or webinars and subscriptions to compel buyer action.

100 No CVEs

Notifal – Popup Builder & Notification Tool to Grow Email List, Increase Sale & Boost Conversion

notifal

100

Show Newsletter Form Popups, Discounted Products Notifications, Exit Intent Popups and More to Boost Conversion. 🚀 Unlimited Impressions!

80 No CVEs

ConvertForce Popup Builder

convertforce-popup-builder

A lightweight popup and notification bar plugin to boost your conversions without slowing down your site.

50 1 CVE

Useinfluence

useinfluence

UseInfluence uses 'Social Proof Notifications' to give a conversion BOOST to your website's traffic. Our realtime notifications puts a …

50 1 unpatched

Developer Profile

PopupNotifix Developer Profile

aziz3d

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PopupNotifix

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/popupnotifix/assets/css/popup-notifix.css/wp-content/plugins/popupnotifix/assets/js/popup-notifix.js

Script Paths

/wp-content/plugins/popupnotifix/assets/js/popup-notifix.js

Version Parameters

popupnotifix/assets/css/popup-notifix.css?ver=popupnotifix/assets/js/popup-notifix.js?ver=

HTML / DOM Fingerprints

CSS Classes

popup-notifix-containerpopup-notifix-overlaypopup-notifix-contentpopup-notifix-closepopup-notifix-video-wrapper

Data Attributes

id="popup-notifix-container"

JS Globals

popupNotifix

FAQ