Zoho CRM Lead Magnet
by WordPress
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-41978 | Hig | 0.57 | 8.8 | 0.03 | Nov 9, 2022 | Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress. | ||
| CVE-2024-38696 | Hig | 0.46 | 7.1 | 0.00 | Jul 20, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows Reflected XSS.This issue affects Zoho CRM Lead Magnet: from n/a through 1.7.8.8. | ||
| CVE-2021-33849 | Med | 0.35 | 5.4 | 0.01 | Oct 5, 2021 | A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted website. The attack targets your application's users and not the application itself while using your application as the attack's… | ||
| CVE-2019-19306 | Med | 0.35 | 5.4 | 0.01 | Nov 26, 2019 | The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName. |
- risk 0.57cvss 8.8epss 0.03
Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows Reflected XSS.This issue affects Zoho CRM Lead Magnet: from n/a through 1.7.8.8.
- risk 0.35cvss 5.4epss 0.01
A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted website. The attack targets your application's users and not the application itself while using your application as the attack's…
- risk 0.35cvss 5.4epss 0.01
The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName.