Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
optinmonster optinmonster vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2021-39341
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and unauthorized setting updates due to insufficient authorization validation via the logged_in_or_has_api_key function in the ~/OMAPI/RestApi.php file that can used to exploit inject malicious we...
Optinmonster Optinmonster
6.1
CVSSv3
CVE-2021-39325
The OptinMonster WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input validation in the load_previews function found in the ~/OMAPI/Output.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including ...
Optinmonster Optinmonster
6.5
CVSSv3
CVE-2023-0772
The Popup Builder by OptinMonster WordPress plugin prior to 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or eve...
Optinmonster Optinmonster
5.3
CVSSv3
CVE-2016-10996
The optinmonster plugin prior to 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak.
Optinmonster Optinmonster
NA
CVE-2024-33691
Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster.This issue affects OptinMonster: from n/a up to and including 2.15.3.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started