VYPR

Popup Builder by OptinMonster

by WordPress

CVEs (3)

  • CVE-2023-0772MedMar 13, 2023
    risk 0.42cvss 6.5epss 0.01

    The Popup Builder by OptinMonster WordPress plugin before 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or even…

  • CVE-2024-4045MedMay 25, 2024
    risk 0.35cvss 6.4epss 0.00

    The Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘campaign_id’ parameter in versions up to, and including, 2.16.1 due to insufficient input…

  • CVE-2024-33691MedApr 26, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster.This issue affects OptinMonster: from n/a through 2.15.3.