Vulnerabilities > Monsterinsights > Monsterinsights > 8.12.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-30 | CVE-2023-32291 | Cross-site Scripting vulnerability in Monsterinsights Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MonsterInsights Pro allows Stored XSS.This issue affects MonsterInsights Pro: from n/a through 8.14.1. | 5.4 |
2023-02-06 | CVE-2023-0081 | Unspecified vulnerability in Monsterinsights The MonsterInsights WordPress plugin before 8.12.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 |