Title: Plugin is compromised Last modified: April 3, 2024 --- # Plugin is compromised * Resolved [calhas](https://wordpress.org/support/users/calhas/) * (@calhas) * [2 years, 2 months ago](https://wordpress.org/support/topic/plugin-is-compromised/) * Hi, the plugin has been compromised. I see malicious code, inside the custom js texareas. I removed it for now, but it would be nice to have a plugin update to fix this. * See source for further info: [https://blog.sucuri.net/2024/03/new-malware-campaign-found-exploiting-stored-xss-in-popup-builder-4-2-3.html](https://blog.sucuri.net/2024/03/new-malware-campaign-found-exploiting-stored-xss-in-popup-builder-4-2-3.html) Viewing 4 replies - 1 through 4 (of 4 total) * [Niko Birbilis](https://wordpress.org/support/users/harmolipi/) * (@harmolipi) * [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-is-compromised/#post-17691507) * Has this been fixed? I see this in the 4.2.7 changelog note: * > Fix vulnerabilities issue of Authenticated (Contributor+) Stored Cross-Site > Scripting via Shortcode. * That sounds like it could be describing this vulnerability but not positive. Any official confirmation? * **Edit:** just found [this thread](https://wordpress.org/support/topic/plugin-hacked-again/) where the dev posted that it’s been updated and resolved. So hopefully we’re good to go for now? - This reply was modified 2 years, 1 month ago by [Niko Birbilis](https://wordpress.org/support/users/harmolipi/). Reason: Found a response from the dev * Plugin Support [Jawada](https://wordpress.org/support/users/jawada/) * (@jawada) * [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-is-compromised/#post-17700316) * Hi [@calhas](https://wordpress.org/support/users/calhas/) * We are sorry to hear that you are having this issue. This issue has been addressed in our last update and users with the older versions are experiencing this issue, we kindly request you to update the plugin to the latest version. The issue occurred to those sites who have multisite features enabled.  * Please also, check your custom JS/CSS menu under the popup and if you have any unknown code, please remove it. Also, please make sure you don’t have any unknown admin account on your site. * I hope this will help. If you require further assistance or have any additional questions, please don’t hesitate to contact us through our support portal. Our team is always here to help! * [https://help.popup-builder.com/en/](https://help.popup-builder.com/en/) * Sincerely, * Plugin Support [Jawada](https://wordpress.org/support/users/jawada/) * (@jawada) * [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-is-compromised/#post-17700318) * Hi [@harmolipi](https://wordpress.org/support/users/harmolipi/) * Thank you for your assistance here, we really appriciate it. * Regards * [Niko Birbilis](https://wordpress.org/support/users/harmolipi/) * (@harmolipi) * [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-is-compromised/#post-17700322) * [@jawada](https://wordpress.org/support/users/jawada/) That’s good to know, thanks for confirming. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Plugin is compromised’ is closed to new replies. * ![](https://ps.w.org/popup-builder/assets/icon-128x128.gif?rev=2698840) * [Popup Builder - Create highly converting, mobile friendly marketing popups.](https://wordpress.org/plugins/popup-builder/) * [Frequently Asked Questions](https://wordpress.org/plugins/popup-builder/#faq) * [Support Threads](https://wordpress.org/support/plugin/popup-builder/) * [Active Topics](https://wordpress.org/support/plugin/popup-builder/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/popup-builder/unresolved/) * [Reviews](https://wordpress.org/support/plugin/popup-builder/reviews/) * 5 replies * 3 participants * Last reply from: [Niko Birbilis](https://wordpress.org/support/users/harmolipi/) * Last activity: [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-is-compromised/#post-17700322) * Status: resolved