0.001 Low
EPSS
Percentile
41.8%
An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail.
www.securityfocus.com/bid/96211
cjc.im/advisories/0006/