80 matches found
PT-2023-23850 · Pluginops · Form Builder +3
Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder versions 4.0.9.3 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This...
CVE-2023-48325
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages.This issue affects Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages: from n/a through 1.5.1.5...
Open redirect
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages.This issue affects Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages: from n/a through 1.5.1.5...
CVE-2023-48325
CVE-2023-48325: Open Redirect in Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages (PluginOps Landing Page Builder) up to version 1.5.1.5. Root cause: insufficient validation of the redirect URL, enabling URL redirection to an untrusted site. Impact: informati...
CVE-2023-48325 WordPress Landing Page Builder Plugin <= 1.5.1.5 is vulnerable to Open Redirection
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages.This issue affects Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages: from n/a through 1.5.1.5...
PT-2023-30785 · WordPress · Pluginops Landing Page Builder
Name of the Vulnerable Software and Affected Versions: PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages versions 1.5.1.5 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect'...
CVE-2023-47227
A vulnerability in PluginOps Social Feed | All social media in one place add-facebook.This issue affects Social Feed | All social media in one place: from n/a through = 1.5.4.6...
CVE-2023-47228
A vulnerability in PluginOps Layer Slider slider-slideshow.This issue affects Layer Slider: from n/a through = 1.1.9.7...
CVE-2023-46777
A vulnerability in PluginOps Feather Login Page feather-login-page.This issue affects Feather Login Page: from n/a through = 1.1.3...
CVE-2023-40675
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps Landing Page Builder plugin = 1.5.1.2 versions...
CVE-2023-40675
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps Landing Page Builder plugin = 1.5.1.2 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps Landing Page Builder plugin = 1.5.1.2 versions...
CVE-2023-40675
CVE-2023-40675 refers to a Stored Cross-Site Scripting (XSS) vulnerability in the PluginOps Landing Page Builder plugin for WordPress, affecting versions up to 1.5.1.2. The vulnerability requires authentication with admin+ privileges and is classified as a stored XSS issue (no explicit exploit de...
PT-2023-27593 · Unknown · Pluginops Landing Page Builder
Name of the Vulnerable Software and Affected Versions: PluginOps Landing Page Builder plugin versions 1.5.1.2 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For PluginOps Landin...
CVE-2023-33328
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps MailChimp Subscribe Form plugin = 4.0.9.1 versions...
CVE-2023-33328
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps MailChimp Subscribe Form plugin = 4.0.9.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps MailChimp Subscribe Form plugin = 4.0.9.1 versions...
CVE-2023-33328
CVE-2023-33328 : A Stored Cross-Site Scripting (XSS) vulnerability in the PluginOps MailChimp Subscribe Form plugin (versions
PT-2023-24296 · Pluginops · Pluginops Mailchimp Subscribe Forms
Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Form plugin versions prior to 4.0.9.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For...
WordPress PluginOps Page Builder plugin <= 1.4.3 - Authenticated Local File Inclusion (LFI) Vulnerability
Authenticated Local File Inclusion LFI Vulnerability exists in 1.4.3 version in the function pbshortcodesamplenav. It allows an attacker to include local files by using menuclass shortcode argument in pbsamlplenav shortcode. Solution Update the plugin...