CVE-2025-13192 | Popup Builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers Plugin REST API Endpoint sql injection

Inserito da Angelo Barbosa | Feb 4, 2026 | CVE

A vulnerability, which was classified as critical, was found in Popup Builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers Plugin up to 2.2.0/2.2.1/2.2.3 on WordPress. The affected element is an unknown function of the component REST API Endpoint. The manipulation results in sql injection.

This vulnerability is reported as CVE-2025-13192. The attack can be launched remotely. No exploit exists.

CVE-2025-13192 | Popup Builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers Plugin REST API Endpoint sql injection

Post correlati

CVE-2024-32358 | JPress 5.1.0 Custom Plug-In Module Privilege Escalation

CVE-2024-2721 | Sygnoos Social Media Share Buttons Plugin up to 2.1.0 on WordPress deserialization

CVE-2023-48985 | CUSG Content Management System up to 7.74 login.php cross site scripting

CVE-2023-25199 | MT Safeline X-Ray X3310 NXG 19.05 Webserver cross site scripting