Does Simple Self-Styleable Pop Up have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Self-Styleable Pop Up have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Self-Styleable Pop Up compatible with WordPress 4.3.34?

According to WordPress.org data, Simple Self-Styleable Pop Up 0.6 has been tested up to WordPress 4.3.34. Check the plugin's changelog for the latest compatibility information.

How often is Simple Self-Styleable Pop Up updated?

Simple Self-Styleable Pop Up was last updated on Nov 17, 2015. Frequent updates are generally a positive security signal.

What is Simple Self-Styleable Pop Up's security score?

Simple Self-Styleable Pop Up has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Self-Styleable Pop Up Security & Risk Analysis

wordpress.org/plugins/simple-self-styleable-pop-up

SSSPU allows users to easily add pop-ups to their websites. Intermediate HTML and CSS knowledge is required for this plugin.

10 active installs v0.6 PHP + WP 3.4+ Updated Nov 17, 2015

cookiecookie-disclaimerpop-uppopup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Simple Self-Styleable Pop Up Safe to Use in 2026?

Generally Safe

Score 85/100

Simple Self-Styleable Pop Up has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "simple-self-styleable-pop-up" plugin v0.6 exhibits a significant security concern due to its unprotected AJAX handlers. All four identified AJAX entry points lack authentication checks, making them highly susceptible to unauthorized access and manipulation. This creates a substantial attack surface where any user, including unauthenticated ones, could potentially trigger these handlers, leading to unintended actions or data exposure. While the code analysis shows no direct use of dangerous functions, raw SQL queries, or unescaped output, the absence of proper authorization on critical entry points overrides these positive findings.

The plugin's vulnerability history is clean, with no known CVEs or past security issues recorded. This might suggest a history of secure development or a lack of targeted attacks. However, the current static analysis reveals a critical weakness in its authorization mechanisms. The lack of nonce checks and capability checks on the AJAX handlers is a major oversight. Without these, attackers can easily forge requests and exploit the plugin's functionality.

In conclusion, despite a clean vulnerability history and good practices in other areas like SQL usage and output escaping, the "simple-self-styleable-pop-up" plugin v0.6 has a poor overall security posture due to its unprotected AJAX handlers. The absence of authentication on these entry points presents a high risk, and immediate remediation is recommended to implement proper authorization checks.

Key Concerns

AJAX handlers without authentication checks
AJAX handlers without nonce checks
AJAX handlers without capability checks

Vulnerabilities

None known

Simple Self-Styleable Pop Up Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Simple Self-Styleable Pop Up Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

4 unprotected

Simple Self-Styleable Pop Up Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 4

authwp_ajax_ssspu_frontend_css_hookssspu.php:16

noprivwp_ajax_ssspu_frontend_css_hookssspu.php:17

authwp_ajax_ssspu_backend_css_hookssspu.php:18

noprivwp_ajax_ssspu_backend_css_hookssspu.php:19

WordPress Hooks 5

actionwp_headssspu.php:11

actionwp_footerssspu.php:12

actionadmin_menussspu.php:13

actionwp_enqueue_scriptsssspu.php:14

actionadmin_enqueue_scriptsssspu.php:15

Maintenance & Trust

Simple Self-Styleable Pop Up Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34

Last updatedNov 17, 2015

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Simple Self-Styleable Pop Up Alternatives

Popup Builder – Create highly converting, mobile friendly marketing popups.

popup-builder

Increase Sales, Lead Generation, Conversion rates and receive good Call to Action rates with smart WordPress popup plugin.

200K 23 CVEs

Popup Box – Create Countdown, Coupon, Video, Contact Form Popups

ays-popup-box

Build flexible popups and modal windows with multiple popup types, triggers, and display controls.

50K 17 CVEs

Poptin – Exit Pop Ups & Email Popups

poptin

100

Free exit intent popup builder, gamified popups with spin the wheel, contact form builder & lead generation pop ups platform for your website. 🎉

20K 1 CVE

Pop-up

pop-up-pop-up

Pop-up Popups

10K 2 CVEs

BST DSGVO Cookie

bst-dsgvo-cookie

DSGVO Cookie Hinweis - WordPress Plugin

5K No CVEs

Developer Profile

Simple Self-Styleable Pop Up Developer Profile

MichaelNi

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Simple Self-Styleable Pop Up

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/simple-self-styleable-pop-up/includes/ssspu_admin_js.js

Script Paths

admin-ajax.php?action=ssspu_frontend_css_hookadmin-ajax.php?action=ssspu_backend_css_hookincludes/ssspu_admin_js.js

HTML / DOM Fingerprints

CSS Classes

ssspu-close

HTML Comments

start of plugin admin menu; load previously stored options from database

Data Attributes

ssspu_admin

JS Globals

ssspu_activessspu_outsideclickssspu_firstvisitssspu_fadeinssspu_fadeoutssspu_delay+1 more

Shortcode Output

<div id="ssspu-wrapper">

FAQ