1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5942 – WP Mail <= 1.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-5942
An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail. Se descubrió un problema en el plugin WP Mail en versiones anteriores a 1.2 para WordPress. El parámetro replyto al componer un correo permite una XSS reflejada. • http://www.securityfocus.com/bid/96211 https://cjc.im/advisories/0006 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •