Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
optinmonster optinmonster vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33691
Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster.This issue affects OptinMonster: from n/a up to and including 2.15.3.
6.5
CVSSv3
CVE-2023-0772
The Popup Builder by OptinMonster WordPress plugin prior to 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or eve...
Optinmonster Optinmonster
8.2
CVSSv3
CVE-2021-39341
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and unauthorized setting updates due to insufficient authorization validation via the logged_in_or_has_api_key function in the ~/OMAPI/RestApi.php file that can used to exploit inject malicious we...
Optinmonster Optinmonster
6.1
CVSSv3
CVE-2021-39325
The OptinMonster WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input validation in the load_previews function found in the ~/OMAPI/Output.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including ...
Optinmonster Optinmonster
5.3
CVSSv3
CVE-2016-10996
The optinmonster plugin prior to 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak.
Optinmonster Optinmonster
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started