- Impact
- 24,289
WordPress plugin bug impacts 1M sites, allows malicious redirects
Read more:
https://www.bleepingcomputer.com/ne...-impacts-1m-sites-allows-malicious-redirects/
https://www.wordfence.com/blog/2021/10/1000000-sites-affected-by-optinmonster-vulnerabilities/
https://wordpress.org/plugins/optinmonster/
https://optinmonster.com/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39341
CVSS Score: 7.2 (High)
The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites.
All users of the OptinMonster plugin are advised to upgrade to version 2.6.5 or later, as all earlier versions are affected.
OptinMonster is one of the most popular WordPress plugins used to create beautiful opt-in forms that help site owners convert visitors to subscribers/customers.
It is essentially a lead generator and monetization tool, and thanks to its ease of use and abundance of features, it's deployed on approximately a million sites.
All users of the OptinMonster plugin are advised to upgrade to version 2.6.5 or later, as all earlier versions are affected.
OptinMonster is one of the most popular WordPress plugins used to create beautiful opt-in forms that help site owners convert visitors to subscribers/customers.
It is essentially a lead generator and monetization tool, and thanks to its ease of use and abundance of features, it's deployed on approximately a million sites.
Read more:
https://www.bleepingcomputer.com/ne...-impacts-1m-sites-allows-malicious-redirects/
https://www.wordfence.com/blog/2021/10/1000000-sites-affected-by-optinmonster-vulnerabilities/
https://wordpress.org/plugins/optinmonster/
https://optinmonster.com/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39341
Last edited: