WordPress Plugin Vulnerabilities

WordPress Landing Pages <= 2.2.4 - Reflected Cross-Site Scripting (XSS)

Description

The WordPress Landing Pages WordPress plugin was affected by a Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
landing-pages
Fixed in 2.2.5

References

URL
https://seclists.org/fulldisclosure/2016/Aug/17
URL
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_wordpress_landing_pages_plugin.html

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
3f6f7ab0-1828-41db-a789-37821e210ff0

Timeline

Publicly Published
2016-08-03 (about 9 years ago)
Added
2016-08-04 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2024-09-12
Title
YITH Custom Login < 1.7.4 - Reflected Cross-Site Scripting
Published
2024-03-25
Title
WP Google Maps < 9.0.30 - Reflected Cross-Site Scripting
Published
2025-04-09
Title
Mobile Smart <= v1.3.16 - Reflected Cross-Site Scripting
Published
2024-12-12
Title
Primer MyData for Woocommerce < 4.2.2 - Reflected Cross-Site Scripting
Published
2025-02-02
Title
WP Find Your Nearest <= 0.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting