VYPR

Campaign Monitor Forms By Optin Cat

by WordPress

Source repositories

CVEs (2)

  • CVE-2023-5098HigOct 31, 2023
    risk 0.53cvss 8.1epss 0.01

    The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges (like subscribers) from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS.

  • CVE-2024-11326MedDec 3, 2024
    risk 0.33cvss 6.1epss 0.00

    The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated attackers…