cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-47429,https://securityvulnerability.io/vulnerability/CVE-2022-47429,WordPress Coming Soon Landing Page and Maintenance Mode WordPress Plugin plugin <= 2.2.0 - Broken Access Control,"An authorization issue exists within the 8Degree Themes Coming Soon Landing Page and Maintenance Mode WordPress Plugin that can lead to the retrieval of embedded sensitive data. This vulnerability allows unauthorized users to access data that should be protected, thereby jeopardizing the security of WordPress sites utilizing this plugin. The vulnerability primarily affects versions prior to 2.2.0, highlighting the need for site administrators to update their plugins to safeguard against potential data breaches.",Wordpress,Coming Soon Landing Page And Maintenance Mode WordPress Plugin,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-12-13T14:23:15.535Z,0
CVE-2024-1793,https://securityvulnerability.io/vulnerability/CVE-2024-1793,"AWeber Plugin Vulnerable to SQL Injection, Puts Sensitive Data at Risk","The AWeber – Free Sign Up Form and Landing Page Builder Plugin for WordPress is susceptible to a SQL Injection vulnerability through the 'post_id' parameter. This issue arises from inadequate escaping of user-supplied parameters and insufficient preparation in the SQL query. Authenticated attackers with administrator-level access can exploit this weakness to inject additional SQL commands into existing queries, potentially accessing and extracting sensitive information from the database, thereby compromising the security of users' data and the integrity of the application.",Wordpress,Aweber – Free Sign Up Form And Landing Page Builder Plugin For Lead Generation And Email Newsletter Growth,7.2,HIGH,0.0004400000034365803,false,,false,false,false,,false,false,2024-03-13T15:27:24.266Z,0
CVE-2015-10090,https://securityvulnerability.io/vulnerability/CVE-2015-10090,Landing Pages Plugin cross site scripting,"A vulnerability, which was classified as problematic, has been found in Landing Pages Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.8 is able to address this issue. The name of the patch is c8e22c1340c11fedfb0a0a67ea690421bdb62b94. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222320.",Wordpress,Landing Pages Plugin,3.5,LOW,0.0014900000533089042,false,,false,false,false,,false,false,2023-03-06T00:15:00.000Z,0
CVE-2013-6243,https://securityvulnerability.io/vulnerability/CVE-2013-6243,,"SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the ""post"" parameter to index.php.",Wordpress,Landing Pages Plugin,,,0.0059899999760091305,false,,false,false,false,,false,false,2013-10-23T15:00:00.000Z,0