Page 2 of 6 results (0.001 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Mailster allows Stored XSS.This issue affects WP Mailster: from n/a through 1.8.16.0. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en WP Mailster permite XSS almacenado. Este problema afecta a WP Mailster: desde n/a hasta 1.8.16.0. The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.8.16.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •