Landing Page Builder < 1.4.9.6 - Authenticated Reflected Cross-Site Scripting (XSS)
CVE-2021-25067

5.4MEDIUM

Key Information:

Vendor: Wordpress
Status: Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages
Vendor: CVE Published:; 17 January 2022

What is CVE-2021-25067?

The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page.

Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages 1.4.9.6

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Krzysztof Zając