Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2024-08-19
CVE-2023-4730 - LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… Plugin
The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_endpoint() function hooked via 'init' in versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to modify a variety of settings. An attacker can directly modify the 'ladipage_key' which enables them to create new posts on the website and inject malicious web scripts.
PLUGIN
LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing…
CVE-2023-4730
Risk Score