CVE-2026-4131 | sphex1987 WP Responsive Popup and Optin Plugin up to 1.4 on WordPress Setting wpo_admin_page.php wpo_image_url cross-site request forgery

A vulnerability classified as problematic has been found in sphex1987 WP Responsive Popup and Optin Plugin up to 1.4 on WordPress. The impacted element is an unknown function of the file wpo_admin_page.php of the component Setting Handler. The manipulation of the argument wpo_image_url leads to cross-site request forgery.

This vulnerability is referenced as CVE-2026-4131. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More