Browse all 3 CVE security advisories affecting Keap. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Keap is a customer relationship management (CRM) and marketing automation platform designed for small businesses to manage client interactions and sales processes. Historically, the platform has been susceptible to various vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with three CVEs currently documented. Security researchers have identified authentication bypass flaws and insufficient input validation as recurring issues. While no major public security incidents have been widely reported, the platform's exposure to web-based vulnerabilities remains a concern for organizations relying on its services. Proper configuration and regular security assessments are recommended to mitigate potential risks associated with these documented weaknesses.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-47642 | WordPress Keap Official Opt-in Forms plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability | Keap Official Opt-in Forms | CWE-79 | 6.5 | Medium | 2024-10-05 |
| CVE-2023-52192 | WordPress Keap Official Opt-in Forms Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS) | Keap Official Opt-in Forms | CWE-79 | 6.5 | Medium | 2024-02-01 |
| CVE-2023-44241 | WordPress Keap Landing Pages Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | Keap Landing Pages | CWE-352 | 4.3 | Medium | 2023-10-10 |
This page lists every published CVE security advisory associated with Keap. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.