Vulnerabilities > Keap

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2023-52192 Unspecified vulnerability in Keap Official Opt-In Forms 1.0.11
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11.
network
low complexity
keap
5.4
2024-01-15 CVE-2023-6941 Cross-site Scripting vulnerability in Keap Official Opt-In Forms 1.0.11
The Keap Official Opt-in Forms WordPress plugin through 1.0.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).
network
low complexity
keap CWE-79
4.8
2023-10-10 CVE-2023-44241 Unspecified vulnerability in Keap Landing Pages 1.4.2
Cross-Site Request Forgery (CSRF) vulnerability in Keap Keap Landing Pages plugin <= 1.4.2 versions.
network
low complexity
keap
8.8