Landing Page Builder
Monthly
Cross-site scripting in the PluginOps Landing Page Builder WordPress plugin (versions <= 1.5.3.5) lets unauthenticated remote attackers inject script that executes in a victim's browser, with a scope change (S:C) indicating the payload can affect resources beyond the vulnerable component. The flaw requires victim interaction (UI:R) such as visiting a crafted link or page, and yields low-level confidentiality, integrity, and availability impact (CVSS 7.1). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps Landing Page Builder - Lead Page - Optin Page - Squeeze Page - WordPress Landing Pages.5.1.5. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-site scripting in the PluginOps Landing Page Builder WordPress plugin (versions <= 1.5.3.5) lets unauthenticated remote attackers inject script that executes in a victim's browser, with a scope change (S:C) indicating the payload can affect resources beyond the vulnerable component. The flaw requires victim interaction (UI:R) such as visiting a crafted link or page, and yields low-level confidentiality, integrity, and availability impact (CVSS 7.1). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps Landing Page Builder - Lead Page - Optin Page - Squeeze Page - WordPress Landing Pages.5.1.5. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.