CVE-2025-11762 HubSpot All-In-One Marketing - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure

The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.32 via the leadin/public/admin/class-adminconstants.php file. This makes it possible for authenticated attackers, with...

CVE-2025-14316 AhaChat Messenger Marketing <= 1.1 - Reflected XSS

The AhaChat Messenger Marketing WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress plugin Email marketing for WordPress by GetResponse Official 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that provides the ability to set up a personal blog site on a PHP and MySQL based server. A security vulnerability exists in WordPress plugin...

Opti Marketing Plugin for WordPress <= 2.0.9 SQL Injection

The WordPress Opti Marketing Plugin installed on the remote host is affected by an unauthenticated SQL injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

CVE-2024-6928

The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

WordPress plugin Opti Marketing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Opti Marketing plugin <= 2.0.9 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Project Black in WordPress Plugin Opti Marketing versions = 2.0.9...

CVE-2023-45053 WordPress WP Content Pilot plugin <= 1.3.3 - HTML Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in pluginever WP Content Pilot – Autoblogging & Affiliate Marketing Plugin allows Code Injection.This issue affects WP Content Pilot – Autoblogging & Affiliate Marketing Plugin: from n/a through 1.3.3...

WordPress Plugin WP MLM SOFTWARE PLUGIN Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP MLM...

CVE-2023-28421

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10...

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10...

CVE-2023-27455

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin = 2.4.5 versions...

CVE-2023-27455 WordPress Update Image Tag Alt Attribute Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin = 2.4.5 versions...

WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload

WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload Dx . Made In Algeria . xZ Title : WordPress plugin InBoundio Marketing Shell Upload Vulnerability Author : KedAns-Dz + E-mail : ked-h @hotmail.com + FaCeb0ok : fb.me/K3d.Dz + TwiTter : @kedans Platform : PHP / WebApp + Cat/Tag : Fil...