CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26992 – WordPress Landing Page Cat plugin <= 1.7.8 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-26992
14 Apr 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps Landing Page Cat allows Reflected XSS. This issue affects Landing Page Cat: from n/a through 1.7.8. The Landing Page Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.7.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if... • https://patchstack.com/database/wordpress/plugin/landing-page-cat/vulnerability/wordpress-landing-page-cat-plugin-1-7-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24576 – WordPress Landing Page Cat plugin <= 1.7.7 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-24576
17 Dec 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fatcat Apps Landing Page Cat allows Reflected XSS. This issue affects Landing Page Cat: from n/a through 1.7.7. The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.7.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker... • https://patchstack.com/database/wordpress/plugin/landing-page-cat/vulnerability/wordpress-landing-page-cat-plugin-1-7-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49686 – WordPress Landing Page Cat plugin <= 1.7.4 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-49686
21 Oct 2024 — Missing Authorization vulnerability in Fatcat Apps Landing Page Cat.This issue affects Landing Page Cat: from n/a through 1.7.4. The Landing Page Cat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the custom post type added via the plugin in versions up to, and including, 1.7.4. This makes it possible for authenticated attackers, with contributor-level access and above, to edit and modify landing pages. • https://patchstack.com/database/wordpress/plugin/landing-page-cat/vulnerability/wordpress-landing-page-cat-plugin-1-7-4-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •