Update the WordPress Popup | Custom Popup Builder plugin to the latest available version (at least 1.3.1).
Felipe de Avila discovered and reported this Denial of Service Attack vulnerability in WordPress Popup | Custom Popup Builder Plugin. A denial of service attack occurs when a malicious actor can cause the endpoint, or website, to crash or refuse to serve requests to one or more users by causing it to hang, crash or make unusable. This vulnerability has been fixed in version 1.3.1.