Lucene search
Chloe Chamberland (Wordfence)PATCHSTACK:4C0C094C0925B7F2FB2FFB24B6D75E02HistoryJan 13, 2022 - 12:00 a.m.
WordPress WP HTML Mail plugin <= 3.0.9 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
2022-01-1300:00:00
Chloe Chamberland (Wordfence)
patchstack.com
14
wordpress
html mail
cross-site scripting
xss
vulnerability
update
chloe chamberland
wordfence
EPSS
0.032
Percentile
91.4%
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Chloe Chamberland (Wordfence) in WordPress WP HTML Mail plugin (versions <= 3.0.9).
Solution
Update the WordPress WP HTML Mail plugin to the latest available version (at least 3.1).
Related
cnvd
cnvd
WordPress WP HTML Mail plugin cross-site scripting vulnerability
2022-01-23 00:00:00
nuclei
nuclei
HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting
2022-01-24 08:47:01
cvelist
cvelist
CVE-2022-0218 WP HTML Mail <= 3.0.9 Missing Authorization on REST-API Route
2022-02-04 22:29:24
packetstorm
packetstorm
WordPress Email Template Designer – WP HTML Mail 3.0.9 Cross Site Scripting
2022-01-19 00:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2022-02-04 23:15:00
cve
cve
CVE-2022-0218
2022-02-04 23:15:12
wordfence
wordfence
nvd
nvd
CVE-2022-0218
2022-02-04 23:15:12
zdt
zdt
wpvulndb
wpvulndb
WP HTML Mail < 3.1 - Unprotected REST-API Endpoint
2022-01-19 00:00:00
threatpost
threatpost
20K WordPress Sites Exposed by Insecure Plugin REST-API
2022-01-21 18:19:37
thn
thn
Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes
2022-01-22 07:13:00