Skip to main content

Landing Page Builder

3 CVEs product

Monthly

CVE-2026-57337 HIGH This Week

Cross-site scripting in the PluginOps Landing Page Builder WordPress plugin (versions <= 1.5.3.5) lets unauthenticated remote attackers inject script that executes in a victim's browser, with a scope change (S:C) indicating the payload can affect resources beyond the vulnerable component. The flaw requires victim interaction (UI:R) such as visiting a crafted link or page, and yields low-level confidentiality, integrity, and availability impact (CVSS 7.1). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

XSS Landing Page Builder
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-48325 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps Landing Page Builder - Lead Page - Optin Page - Squeeze Page - WordPress Landing Pages.5.1.5. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Open Redirect Landing Page Builder
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-40675 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Landing Page Builder
NVD
CVSS 3.1
4.8
EPSS
0.3%
EPSS 0% CVSS 7.1
HIGH This Week

Cross-site scripting in the PluginOps Landing Page Builder WordPress plugin (versions <= 1.5.3.5) lets unauthenticated remote attackers inject script that executes in a victim's browser, with a scope change (S:C) indicating the payload can affect resources beyond the vulnerable component. The flaw requires victim interaction (UI:R) such as visiting a crafted link or page, and yields low-level confidentiality, integrity, and availability impact (CVSS 7.1). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

XSS Landing Page Builder
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps Landing Page Builder - Lead Page - Optin Page - Squeeze Page - WordPress Landing Pages.5.1.5. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Open Redirect Landing Page Builder
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Landing Page Builder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy