ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Mailster plugin <=1.5.4 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Product
WP Mailster
Description
Unauthenticated Cross-Site Scripting (XSS) vulnerability found by Ricardo Sanchez in WordPress WP Mailster plugin (versions <=1.5.4).
Solution
Update the WordPress WP Mailster plugin to the latest available version (at least 1.5.5).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=1.5.4
Fixed In 1.5.5
Disclosure date
2017-12-06
Credits
Ricardo Sanchez
Submitter
ThreatPress