Lucene search

PRIOn knowledge basePRION:CVE-2013-10026

HistoryMay 02, 2023 - 2:15 a.m.

Cross site scripting

2023-05-0202:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

mail subscribe list plugin

wordpress

cross site scripting

remote attackers

upgrade

patch

484970ef8285cae51d2de3bd4e4684d33c956c28

nvd

identifier vdb-227765

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.8%

JSON

A vulnerability, which was classified as problematic, has been found in Mail Subscribe List Plugin up to 2.0.10 on WordPress. This issue affects some unknown processing of the file index.php. The manipulation of the argument sml_name/sml_email leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.1 is able to address this issue. The identifier of the patch is 484970ef8285cae51d2de3bd4e4684d33c956c28. It is recommended to upgrade the affected component. The identifier VDB-227765 was assigned to this vulnerability.

CPENameOperatorVersion
mail_subscribe_listge2.0.0
mail_subscribe_listle2.0.10

CPE	Name	Operator	Version
	mail_subscribe_list	ge	2.0.0
	mail_subscribe_list	le	2.0.10

References

github.com/wp-plugins/mail-subscribe-list/commit/484970ef8285cae51d2de3bd4e4684d33c956c28

vuldb.com/?ctiid.227765

vuldb.com/?id.227765