CyberSec.Space Logo
Back to CVE Browser

CVE-2015-5227

HIGH
8.8
CVSS Severity Score
EPSS Score0.1540%
EPSS Percentile30.08th
PublishedOct 18, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter.

Affected Platforms (CPE)

πŸ“¦
Inboundnow

Wordpress Landing Pages

<= 1.9.1

References & Advisories

πŸ”— https://wordpress.org/plugins/landing-pages/#developers
πŸ”— https://wpvulndb.com/vulnerabilities/8200
πŸ”— https://wordpress.org/plugins/landing-pages/#developers
πŸ”— https://wpvulndb.com/vulnerabilities/8200

Related Vulnerabilities

CVE-2013-62437.5

SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers ...

CVE-2015-40646.5

SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote ...

CVE-2021-250675.4

The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admi...

CVE-2015-40653.5

Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for ...