JVN#42880365: WordPress Plugin "WordPress Email Template Designer - WP HTML Mail" vulnerable to cross-site request forgery

2021-07-06T00:00:00
ID JVN:42880365
Type jvn
Reporter Japan Vulnerability Notes
Modified 2021-07-06T00:00:00

Description

WordPress Plugin "WordPress Email Template Designer - WP HTML Mail" provided by codemiq contains a cross-site request forgery vulnerability (CWE-352).

## Impact

If a user views a malicious page while logged in to the affected system with an administrative privilege, unintended operations may be performed.

## Solution

Update the plugin
Update the plugin according to the information provided by the developer.

## Products Affected

  • WordPress Email Template Designer - WP HTML Mail versions prior to 3.0.8