FAIR

Federated and Independent Repositories

Catch Popup

Plugin Banner

Catch Popup

by Mahesh Maharjan

Download
Description

Catch Popup is a free versatile popup WordPress plugin that is power-packed with incredible features and customization option. It is completely responsive, flexible, and comes with a wide range of features so that you can customize every aspect of your popup. Even the smallest elements like Titles and Close button are loaded with customization options. Despite the plugin bursting with features, it is extremely easy to use. Features like Popup Themes, Triggers, Appearance, Close button, Targeting, and more are integrated into Catch Popup. All of these features are jam-packed with options inside. You have the hold of each and every aspect of the popup. In addition to its versatility, the WordPress Popup Plugin comes with five in-built popup themes. You can even add popups in your posts, pages, custom post types or anywhere you like with the shortcode option. Since popups can be an excellent marketing tool, Catch popup will help you boost your business and conversion through user-friendly popups.

The easy way (via Dashboard) :

  • Go to Plugins > Add New
  • Type in the Catch Popup in Search Plugins box
  • Click Install Now to install the plugin
  • After Installation click activate to start using the Catch Popup
  • Go to Catch Popup from Dashboard menu

Not so easy way (via FTP) :

  • Download the Catch Popup
  • Unarchive Catch Popup plugin
  • Copy folder with catchp-popup.zip
  • Open the ftp \wp-content\plugins\
  • Paste the plug-ins folder in the folder
  • Go to admin panel => open item “Plugins” => activate Catch Popup
  • Go to Catch Popup from Dashboard menu
  1. Catch popup trigger settings

    Catch popup trigger settings

  2. Catch popup theme select settings

    Catch popup theme select settings

  3. Catch popup display settings

    Catch popup display settings

  4. Catch popup close button settings

    Catch popup close button settings

  5. Catch popup target settings

    Catch popup target settings

Plugin support doesn't work.

By Denis (deniskorablev) on March 30, 2021

Plugin support doesn't work. The plugin performs strange actions and tries to connect to the RSS feed, to which WordPress issues a warning. I think there is something sewn into it that collects personal data.

2.0 (Released: May 21, 2026)

  • Security Fix: Added nonce verification to catch_popup_get_data AJAX handler
  • Security Fix: Shortcode html_tag attribute now validated against an allowlist to prevent XSS
  • Security Fix: add_plugin_meta_links() output now escaped with wp_kses()
  • Security Fix: $_POST[‘post_ID’] sanitized with absint() before use in save handler
  • Security Fix: $_POST values unslashed before sanitization in catch_popup_save()
  • Bug Fixed: AJAX calls now pass nonce via cpop_object.ajax_nonce localized variable
  • Bug Fixed: $tag->post_title corrected to $tag->name for WP_Term objects in catch_popup_get_data()
  • Bug Fixed: get_posts() args corrected from ‘status’=>’published’ to ‘post_status’=>’publish’
  • Bug Fixed: $styles[‘close’][‘font-family’] no longer stores a boolean from isset()
  • Bug Fixed: console.log(counter) debug statement removed from generated popup JS
  • Bug Fixed: Duplicate value attribute removed from catch_popup_auto_height checkbox
  • Bug Fixed: Dead code $popup->ID; standalone statements removed
  • Bug Fixed: Function renamed from something() to catch_popup_maybe_enqueue_assets() to prevent naming conflicts
  • Bug Fixed: $_GET[‘post_type’] and $_GET[‘action’] now sanitized with sanitize_key() before comparison
  • Bug Fixed: esc_html(‘Remove’, ‘catch-popup’) corrected to esc_html__() so string is translatable
  • Bug Fixed: esc_html($post_value[‘post_title’], ‘catch-popup’) — spurious second argument removed
  • Bug Fixed: esc_attr() replaced with esc_html() for popup title element text in shortcode output
  • Bug Fixed: WP_Filesystem() now initialized before use in enqueue-scripts-styles.php
  • Bug Fixed: strtotime(‘now’) replaced with time()
  • Bug Fixed: Duplicate ABSPATH guard removed from install-functions.php
  • Bug Fixed: Admin script version corrected from hardcoded ‘1.0.1’ to CATCH_POPUP_VERSION
  • Bug Fixed: Admin scripts moved to footer for improved page performance
  • Bug Fixed: Replaced deprecated wp.editor.ServerSideRender with wp.serverSideRender — block was silently failing to register, making it invisible in the block inserter
  • Bug Fixed: Added missing wp-server-side-render script dependency to block registration
  • Bug Fixed: Replaced deprecated ‘wp-editor’ script dependency with ‘wp-block-editor’ in block registration
  • Code Quality: Plugin Check — NonceVerification.Missing in catch_popup_theme_save() fixed by checking nonce field presence before any $_POST access
  • Code Quality: Plugin Check — MissingUnslash in catch_popup_theme_save() fixed by calling wp_unslash() on the submitted popup_theme array before sanitizing individual fields
  • Code Quality: Plugin Check — NonceVerification.Recommended for $_GET reads in catch_popup_maybe_enqueue_assets() suppressed with phpcs:ignore; these params are read only to detect the current admin page, not to process user input
  • Code Quality: Plugin Check — NonPrefixedHooknameFound fixed; filter hooks generated_css, theme_get_generated_styles, generate_popup_theme_styles, and generate_popup_styles now all carry the catch_popup_ prefix
  • Code Quality: Plugin Check — NonPrefixedVariableFound fixed; global-scope loop variable $hook in catch-popup-editor-button.php renamed to $catch_popup_hook
  • Bug Fixed: “Error loading block: Invalid parameter(s): attributes” — replaced ServerSideRender REST call with a static editor placeholder; the block trigger preview now renders instantly in the editor without any REST API round-trip
  • Bug Fixed: Click-triggered popups never opened — wp_strip_all_tags() was used to write the generated JS cache file, which silently deleted all JavaScript content inside the tags; replaced with preg_replace() that strips only the tag wrappers
  • Bug Fixed: Click-triggered popup only opened on first page load and failed on refresh — click handler was bound inside $(window).on(‘load’) which is a one-shot event missed entirely when the page loads from cache; moved handler binding directly into the DOM-ready jQuery wrapper
  • Bug Fixed: Clicking a trigger for popup A would set container opacity on popup B — the opacity line used a hardcoded PHP loop variable instead of the dynamic id captured from the click target’s data-popup attribute
  • Code Quality: Plugin Check — removed load_plugin_textdomain()
  • Compatibility check up to version 7.0

1.5 (Released: February 05, 2026)

  • Bug Fixed: WordPress.WP.AlternativeFunctions.file_system_operations_mkdir
  • Bug Fixed: WordPress.WP.AlternativeFunctions.strip_tags_strip_tags
  • Bug Fixed: WordPress.DateTime.RestrictedFunctions.date_date
  • Bug Fixed: WordPress.Security.EscapeOutput.OutputNotEscaped
  • Bug Fixed: WordPress.WP.I18n.NonSingularStringLiteralText
  • Bug Fixed: WordPress.WP.I18n.TextDomainMismatch
  • Bug Fixed: plugin_header_invalid_author_uri
  • Bug Fixed: Translation loading
  • Bug Fixed: stable_tag_mismatch
  • Bug Fixed: license_mismatch
  • Compatibility check up to version 6.9.1

1.4.4 (Released: November 15, 2023)

  • Compatibility check up to version 6.4

1.4.3 (Released: December 14, 2022)

  • Compatibility check up to version 6.1

1.4.2 (Released: February 24, 2022)

  • Compatibility check up to version 5.9

1.4.1 (Released: August 06, 2021)

  • Bug Fixed: Catch popup blocks

1.4 (Released: August 05, 2021)

  • Compatibility check up to version 5.8

1.3 (Released: March 11, 2021)

  • Compatibility check up to version 5.7
  • Bug Fixed: wp_localize_script issue
  • Bug Fixed: Catch popup blocks

1.2 (Released: March 12, 2020)

  • Bug Fixed: Title font family issue
  • Code optimization
  • Compatibility check up to version 5.4

1.1 (Released: November 12, 2019)

  • Compatibility check up to version 5.3

1.0.0 (Released: September 21, 2019)

  • Initial Release
Back to top