WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability

WordPress Hustle - Email Marketing, Lead Generation, Optins, Popups plugin = 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation vulnerability discovered by Nguyen C in WordPress Plugin Hustle versions = 7.8.10.2...

CVE-2024-10580 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.5 - Missing Authorization to Unauthorized Form Submission

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submitform function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to submi...

CVE-2023-51534

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brave Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content allows Stored XSS.This issue affects Brave – Create Popup, Optins, Lead Generation, Survey, Sticky...

CVE-2023-51532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brave Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content allows Stored XSS.This issue affects Brave – Create Popup, Optins, Lead Generation, Survey, Sticky...

CVE-2023-51532 WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

CVE-2023-52119

Cross-Site Request Forgery CSRF vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building: from n/a through 3.1.18...

CVE-2023-52119

Technical details about CVE-2023-52119, including affected versions, exploit vector, and patch status, are not provided in the supplied documents. Monitor for updates from upstream advisories; current sources only confirm a CSRF vulnerability in Icegram Engage up to v3.1.18.

WordPress Any Popup – Popup Forms, Optins & Ads Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Any Popup – Popup Forms, Optins & Ads Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e44a4be7d74c Credits Rafie Muhammad...

CVE-2022-1776

The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

Malicious code in lw-woo-gdpr-user-optins (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 105df6f835a4083e23ae8a715939002d9787e3a1f8290dcf1093dc9ae8039a9a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress "Any Popup – Popup Forms, Optins & Ads" plugin <= 1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress "Any Popup – Popup Forms, Optins & Ads" plugin versions = 1.0. Solution No patched version available...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...

Wordpress plugin Viral Optins file upload vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A file upload vulnerability exists in the Wordpress plugin Viral Optins, which can be exploited by an attacker to upload...

WordPress Viral Optins Plugins - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugins Viral Optins - Arbitrary File Upload Exploit Author: x0id Date: 13 June 2017 Tested on: Windows 7 1 Search target with Google Dorking inurl:/wp-content/plugins/viral-optins/ 2 Exploit the websites...

Viral Optins - Arbitrary File Upload

Affected versions and whether the issue has been remediated is unclear as the vendor website does not exist anymore. PoC Upload!...

Viral Optins - Arbitrary File Upload

Affected versions and whether the issue has been remediated is unclear as the vendor website does not exist anymore. Upload!...