WP-Safety

Simply Popups – Popup, Modal, Lead Gen Security & Risk Analysis

wordpress.org/plugins/simply-popups

The simplest WordPress popup plugin. Create beautiful, effective popups with your own customizable content in minutes.

0 active installs v1.0.1 PHP 7.0+ WP 6.0+ Updated Feb 18, 2026
lead-generationlightboxmodalpopuptrigger
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Simply Popups – Popup, Modal, Lead Gen Safe to Use in 2026?

Generally Safe

Score 100/100

Simply Popups – Popup, Modal, Lead Gen has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "simply-popups" v1.0.1 plugin exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, properly escaped output, and the use of prepared statements for all SQL queries are significant strengths. Furthermore, the lack of any recorded vulnerabilities, including CVEs, suggests a history of responsible development. The limited attack surface, with all identified entry points (shortcodes) not explicitly flagged as unprotected in the static analysis, is also a positive indicator.

However, there are notable areas for improvement. The complete absence of nonce checks and capability checks across all identified entry points presents a potential risk. While the static analysis reports 0 unprotected entry points, it's crucial to understand that shortcodes, especially if they can accept user input or trigger actions, should ideally be protected by nonces to prevent Cross-Site Request Forgery (CSRF) attacks. Similarly, capability checks are essential to ensure that only authorized users can interact with plugin functionality. The lack of taint analysis data (0 flows analyzed) is a limitation of the provided report, making it impossible to assess the risk of unsanitized data flowing through the plugin.

Key Concerns

  • Missing nonce checks on shortcodes
  • Missing capability checks on shortcodes
Vulnerabilities
None known

Simply Popups – Popup, Modal, Lead Gen Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Simply Popups – Popup, Modal, Lead Gen Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
22 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped22 total outputs
Attack Surface

Simply Popups – Popup, Modal, Lead Gen Attack Surface

Entry Points3
Unprotected0

Shortcodes 3

[simply-popups] classes\SimplyPopupsAppController.php:22
[frmmodal] classes\SimplyPopupsAppController.php:25
[frmmodal-content] classes\SimplyPopupsAppController.php:26
WordPress Hooks 7
actionadmin_initclasses\SimplyPopupsAppController.php:29
actioninitclasses\SimplyPopupsAppController.php:31
actionfrm_before_simple_form_renderclasses\SimplyPopupsAppController.php:33
actionwp_footerclasses\SimplyPopupsShortcodeController.php:33
filterwp_kses_allowed_htmlclasses\SimplyPopupsShortcodeController.php:177
filterfrm_include_addon_pageclasses\SimplyPopupsUpdate.php:52
actionplugins_loadedsimply-popups.php:52
Maintenance & Trust

Simply Popups – Popup, Modal, Lead Gen Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 18, 2026
PHP min version7.0
Downloads256

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Simply Popups – Popup, Modal, Lead Gen Alternatives

Lightbox & Modal Popup WordPress Plugin – FooBox

Lightbox & Modal Popup WordPress Plugin – FooBox

foobox-image-lightbox

A
94

A responsive image lightbox for WordPress galleries, WordPress attachments & FooGallery

100K 5 CVEs
Modal Window – create popup modal window

Modal Window – create popup modal window

modal-window

A
96

WordPress popup plugin for easily creating a popup and modal window with any kind of content and settings.

10K 7 CVEs
Pop-up

Pop-up

pop-up-pop-up

A
99

Pop-up Popups

10K 2 CVEs
Themify Popup

Themify Popup

themify-popup

A
99

Turn visitors into subscribers and increase sale conversions! Use Popup to show newsletter forms, promotions, or lightbox content.

9K 1 CVE
Light Modal Block

Light Modal Block

light-modal-block

A
100

Lightweight, customizable modal block for the WordPress block editor

2K No CVEs
Developer Profile

Simply Popups – Popup, Modal, Lead Gen Developer Profile

Strategy11 Team

8 plugins · 316K total installs

71
trust score
Avg Security Score
89/100
Avg Patch Time
844 days
View full developer profile
Detection Fingerprints

How We Detect Simply Popups – Popup, Modal, Lead Gen

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simply-popups/css/simply-popups.css/wp-content/plugins/simply-popups/js/simply-popups.min.js
Script Paths
/wp-content/plugins/simply-popups/js/simply-popups.min.js
Version Parameters
simply-popups.min.js?ver=simply-popups.css?ver=

HTML / DOM Fingerprints

CSS Classes
simply-popupssimply-popups-scsimply-popups--hide-closewp-block-simply-popups-content
Data Attributes
data-toggle="modal"data-bs-toggle="modal"data-targetdata-bs-targetdata-bs-backdrop="static"data-bs-keyboard="false"+4 more
JS Globals
SimplyPopupsAppControllerSimplyPopupsShortcodeController
Shortcode Output
[simply_modal
FAQ

Frequently Asked Questions about Simply Popups – Popup, Modal, Lead Gen