Skip to main content

Wp Lead Plus X

2 CVEs product

Monthly

CVE-2020-11509 MEDIUM POC This Month

An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Wp Lead Plus X
NVD
CVSS 3.1
6.1
EPSS
1.9%
CVE-2020-11508 MEDIUM POC This Month

An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows logged-in users with minimal permissions to create or replace existing pages with a malicious page containing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Wp Lead Plus X
NVD
CVSS 3.1
5.4
EPSS
0.8%
EPSS 2% CVSS 6.1
MEDIUM POC This Month

An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Wp Lead Plus X
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows logged-in users with minimal permissions to create or replace existing pages with a malicious page containing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Wp Lead Plus X
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy