Simple exit popup Security & Risk Analysis
wordpress.org/plugins/simple-exit-popupSimple exit pop up plugin that uses jQuery and the Animate style library to display the pop up box when users try to exit the browser window.
Is Simple exit popup Safe to Use in 2026?
Generally Safe
Score 85/100Simple exit popup has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "simple-exit-popup" plugin version 1.4 presents a generally positive security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs, including critical or high severity vulnerabilities, is a significant strength. Furthermore, the code demonstrates good practices in SQL query handling, with 90% of queries utilizing prepared statements. The limited attack surface, consisting of only one shortcode and no AJAX handlers or REST API routes without proper checks, is also commendable.
However, there are areas for concern that slightly diminish its overall security. The output escaping is only properly handled in 53% of cases, indicating a potential for Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is involved in the unescaped outputs. The presence of capability checks on only 0 entry points is a notable weakness. While the current attack surface is small, any future additions or modifications to these entry points without proper capability checks could lead to privilege escalation or unauthorized access issues. The plugin also lacks nonce checks on all identified entry points, which could be exploited in certain scenarios.
In conclusion, the plugin benefits from a clean vulnerability history and a limited attack surface with good SQL practices. However, the moderate output escaping and the complete lack of capability checks on its entry points represent potential risks that should be addressed to further harden its security.
Key Concerns
- Output escaping is only 53% proper
- 0 capability checks on entry points
- Nonce checks missing on 1 entry point
Simple exit popup Security Vulnerabilities
Simple exit popup Code Analysis
SQL Query Safety
Output Escaping
Simple exit popup Attack Surface
Shortcodes 1
WordPress Hooks 5
Maintenance & Trust
Simple exit popup Maintenance & Trust
Maintenance Signals
Community Trust
Simple exit popup Alternatives
IFrame Widget
iframe-widget
IFrame widget can display any external HTML page inside an HTML IFrame component.
Strx Youtube Embed Widget
strx-youtube-widget
Strx Youtube Embed Widget lets you embed youtube videos on sidebars enabled sites simply pasting Youtube URLs
NewPath WildApricotPress Add-on – iFrame Widget
newpath-wildapricotpress-add-on-iframe-widget
The iFrame Widget block enables NewPath WildApricot Press customers to insert WildApricot iframe widgets into a post or page without needing to know t …
Regiondo ShortCodes
regiondo-widgets
Add Regiondo Widgets through Wordpress Shortcodes without the need to copy iFrames. Available Widgets: Booking, Reviews and Voucher.
Mini iframe box
mini-iframe-box
A mini iframe window box that contains another html content or web page url.
Simple exit popup Developer Profile
52 plugins · 19K total installs
How We Detect Simple exit popup
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/simple-exit-popup/pages/setting.js/wp-content/plugins/simple-exit-popup/classes/sepopups-register.php/wp-content/plugins/simple-exit-popup/classes/sepopups-query.phpHTML / DOM Fingerprints
sep_wrapperveil<!-- Exit if accessed directly --><!-- do not generate any output here -->data-sep_iddata-sep_titledata-sep_textdata-sep_groupdata-sep_style1data-sep_style2+11 moresepopups_adminscripts