Filtered by vendor Wplegalpages
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8565 | 2 Wordpress, Wplegalpages | 2 Wordpress, Wp Legal Pages | 2025-09-18 | 8.1 High |
| The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplp_gdpr_install_plugin_ajax_handler() function in all versions up to, and including, 3.4.3. This makes it possible for authenticated attackers, with Contributor-level access and above, to install arbitrary repository plugins. | ||||
| CVE-2015-9428 | 1 Wplegalpages | 1 Wp Legal Pages | 2024-11-21 | 6.5 Medium |
| The wplegalpages plugin before 1.1 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=legal-pages lp-domain-name, lp-business-name, lp-phone, lp-street, lp-city-state, lp-country, lp-email, lp-address, or lp-niche parameters. | ||||
Page 1 of 1.