CVE-2025-69025 - Vulnerability Details

CVE-2025-69025 - WordPress Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales plugin <= 1.0.20 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales poptics allows Retrieve Embedded Sensitive Data.This issue affects Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales: from n/a through <= 1.0.20.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://vdp.patchstack.com/database/Wordpress/Plugin/poptics/vulnerability/wordpress-poptics-ai-powered-popup-builder-for-lead-generation-conversions-exit-intent-email-opt-ins-woocommerce-sales-plugin-1-0-20-sensitive-data-exposure-vulnerability?_s_id=cve

History

Tue, 30 Dec 2025 11:00:00 +0000

Type	Values Removed	Values Added
Description		Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales poptics allows Retrieve Embedded Sensitive Data.This issue affects Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales: from n/a through <= 1.0.20.
Title		WordPress Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales plugin <= 1.0.20 - Sensitive Data Exposure vulnerability
Weaknesses		CWE-497
References		https://vdp.patchstack.com/database/Wordpress/Plugin/poptics/vulnerability/wordpress-poptics-ai-powered-popup-builder-for-lead-generation-conversions-exit-intent-email-opt-ins-woocommerce-sales-plugin-1-0-20-sensitive-data-exposure-vulnerability?_s_id=cve

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2025-12-30T10:47:55.921Z

Updated: 2025-12-30T10:47:55.921Z

Reserved: 2025-12-29T11:18:35.617Z

Link: CVE-2025-69025

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-30T11:16:01.007

Modified: 2025-12-30T11:16:01.007

Link: CVE-2025-69025

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object