ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP MailUp Plugin <= 1.3.2 - XSS

Product
WP MailUp
Description
This plugin is prone to cross site scripting attacks by setting the wordpress_logged_in cookie.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
CVE Mitre
CVE
Name CVE-2013-0731
Versions
Affected In <= 1.3.2
Fixed In 1.3.3
Disclosure date
2013-01-02
Credits
mailup