0.001 Low
EPSS
Percentile
41.8%
WordPress plugin WP Mail version 1.1 has Reflected Cross Site Scripting (XSS) vulnerability and allows an attacker to execute JavaScript in the context of the user receiving the mail.
Update plugin to the latest version (at least 1.2).
www.securityfocus.com/bid/96211/info
cjc.im/advisories/0006/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5942