CVE-2026-3475 | instantpopupbuilder Instant Popup Builder Plugin up to 1.1.7 on WordPress Token handle_email_verification_page token/email authorization

A vulnerability classified as critical has been found in instantpopupbuilder Instant Popup Builder Plugin up to 1.1.7 on WordPress. This impacts the function handle_email_verification_page of the component Token Handler. This manipulation of the argument token/email causes missing authorization.

The identification of this vulnerability is CVE-2026-3475. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More