Vulnerabilities > Metagauss > Leadmagic > Low

DATE CVE VULNERABILITY TITLE RISK
2022-01-18 CVE-2022-0232 Cross-site Scripting vulnerability in Metagauss Leadmagic
The User Registration, Login & Landing Pages WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the loader_text parameter found in the ~/includes/templates/landing-page.php file which allows attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.2.7.
network
metagauss CWE-79
3.5