Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Official_opt\-In_forms
(Keap)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 2 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-02-01 | CVE-2023-52192 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11. | Official_opt\-In_forms | 5.4 | ||
2024-01-15 | CVE-2023-6941 | The Keap Official Opt-in Forms WordPress plugin through 1.0.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). | Official_opt\-In_forms | 4.8 |