Convertkit Convertkit - Email Marketing, Email Newsletter And Landing Pages — known CVE vulnerabilities
Every CVE whose affected-product data names Convertkit Convertkit - Email Marketing, Email Newsletter And Landing Pages, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-2337 — CVSS 6.1 (medium): The ConvertKit WordPress plugin before 2.2.1 does not escape a parameter before outputting it back in an attribute, leading to a Reflected…
CVE-2022-4508 — CVSS 5.4 (medium): The ConvertKit WordPress plugin before 2.0.5 does not validate and escapes some of its shortcode attributes before outputting them back in…
CVE-2024-31245 — CVSS 5.3 (medium): Insertion of Sensitive Information into Log File vulnerability in ConvertKit.This issue affects ConvertKit: from n/a through 2.4.5.
CVE-2024-3961 — CVSS 5.3 (medium): The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized…