Landing Pages Project: >> Landing Pages Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php.
CVSS Score
3.5
EPSS Score
0.008
Published
2015-05-27
SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post parameter in an edit delete-variation action to wp-admin/post.php.
CVSS Score
6.5
EPSS Score
0.034
Published
2015-05-27