OptinMonster

Syed Balkhi

Developer

2.16.22

Latest version

1,000,000

Installations

Nov 19, 2025

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

6 fixed

1 Mitigation rules

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.16.1
May 27, 2024
Cross Site Request Forgery (CSRF) Notice Dismissal vulnerability
<= 2.15.3
Apr 26, 2024
Subscriber+ Arbitrary Post Content Disclosure vulnerability
< 2.12.2
Mar 3, 2023
Unprotected REST-API to Sensitive Information Disclosure and Unauthorized API access vulnerability
<= 2.6.4
Oct 27, 2021
Reflected Cross-Site Scripting (XSS) vulnerability
<= 2.6.0
Sep 20, 2021
Execution of Arbitrary Shortcodes
<= 1.1.4.5
Mar 22, 2016