WordPress · Popup/Slider Builder By Depicter · CVE-2025-11370
**Name of the Vulnerable Software and Affected Versions**
Popup and Slider Builder by Depicter versions through 4.0.7
**Description**
The Popup and Slider Builder by Depicter plugin for WordPress is susceptible to unauthorized data modification. A missing capability check within the `store` function of the `RulesAjaxController` class allows unauthenticated attackers to alter pop-up display settings.
**Recommendations**
Update the Popup and Slider Builder by Depicter plugin to a version later than 4.0.7.