CyberSec.Space Logo
Back to CVE Browser

CVE-2021-25067

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile24.10th
PublishedJan 17, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page.

Affected Platforms (CPE)

📦
Pluginops

Landing Page

< 1.4.9.6

References & Advisories

🔗 https://wpscan.com/vulnerability/365007f0-61ac-4e81-8a3a-3a068f2c84bc
🔗 https://wpscan.com/vulnerability/365007f0-61ac-4e81-8a3a-3a068f2c84bc

Related Vulnerabilities

CVE-2015-52278.8

The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter.

CVE-2019-130477.8

kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allo...

CVE-2013-62437.5

SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers ...

CVE-2021-472777.1

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslo...