Title: Security Vulnerablity Last modified: October 5, 2023 --- # Security Vulnerablity * Resolved [alexDx](https://wordpress.org/support/users/alexdx/) * (@alexdx) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/) * Wordfence is reporting a security vulnerability. I use your plugin on 200+ sites but unless this is fixed, we will be finding a different plugin. Viewing 6 replies - 1 through 6 (of 6 total) * [framtidensporslinab](https://wordpress.org/support/users/framtidensporslinab/) * (@framtidensporslinab) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17104848) * Just wanted to add that this security issue have been known for quite some time now. Would apricate an update from the developer soon. * Plugin Support [Jawada](https://wordpress.org/support/users/jawada/) * (@jawada) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17111477) * Hello, * We’re excited to announce the release of Popup Builder Version 4.2.0. We encourage you to upgrade to this latest version. If you have any inquiries or need assistance, feel free to reach out to us via our support portal. We’re here to help! * [https://help.popup-builder.com/en/](https://help.popup-builder.com/en/) * Sincerely, * [TomCobbley](https://wordpress.org/support/users/tomcobbley/) * (@tomcobbley) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17115343) * This new release (4.2.0) is still being flagged as vulnerable. See here [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/popup-builder/popup-builder-4115-authenticated-admin-stored-cross-site-scripting](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/popup-builder/popup-builder-4115-authenticated-admin-stored-cross-site-scripting) - This reply was modified 2 years, 8 months ago by [TomCobbley](https://wordpress.org/support/users/tomcobbley/). * [veerlevw](https://wordpress.org/support/users/veerlevw/) * (@veerlevw) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17115926) * Indeed I justed unistalled Popup Builder and re-installed. Still got the message in wordfence. * [bluesix](https://wordpress.org/support/users/bluesix/) * (@bluesix) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17120272) * [@jawada](https://wordpress.org/support/users/jawada/) Wordfence is saying v4.2.0 still contains the vulnerability that was announced in August [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/popup-builder/popup-builder-4115-authenticated-admin-stored-cross-site-scripting](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/popup-builder/popup-builder-4115-authenticated-admin-stored-cross-site-scripting) - This reply was modified 2 years, 8 months ago by [bluesix](https://wordpress.org/support/users/bluesix/). * [robaczek1](https://wordpress.org/support/users/robaczek1/) * (@robaczek1) * [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17121068) * Well, at least it doesn’t affect all users, only affects multi-site installations and installations where unfiltered_html has been disabled. Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Security Vulnerablity’ is closed to new replies. * ![](https://ps.w.org/popup-builder/assets/icon-128x128.gif?rev=2698840) * [Popup Builder - Create highly converting, mobile friendly marketing popups.](https://wordpress.org/plugins/popup-builder/) * [Frequently Asked Questions](https://wordpress.org/plugins/popup-builder/#faq) * [Support Threads](https://wordpress.org/support/plugin/popup-builder/) * [Active Topics](https://wordpress.org/support/plugin/popup-builder/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/popup-builder/unresolved/) * [Reviews](https://wordpress.org/support/plugin/popup-builder/reviews/) * 8 replies * 7 participants * Last reply from: [robaczek1](https://wordpress.org/support/users/robaczek1/) * Last activity: [2 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerablity-2/#post-17121068) * Status: resolved