Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
optinmonster optinmonster vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33691
Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster.This issue affects OptinMonster: from n/a up to and including 2.15.3.
NA
CVE-2023-0772
The Popup Builder by OptinMonster WordPress plugin prior to 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or eve...
Optinmonster Optinmonster
6.4
CVSSv2
CVE-2021-39341
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and unauthorized setting updates due to insufficient authorization validation via the logged_in_or_has_api_key function in the ~/OMAPI/RestApi.php file that can used to exploit inject malicious we...
Optinmonster Optinmonster
4.3
CVSSv2
CVE-2021-39325
The OptinMonster WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input validation in the load_previews function found in the ~/OMAPI/Output.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including ...
Optinmonster Optinmonster
5
CVSSv2
CVE-2016-10996
The optinmonster plugin prior to 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak.
Optinmonster Optinmonster
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started