24 matches found
Cross site scripting
The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL Reflective Server-Side XSS...
PT-2020-9209 · WordPress · Mailpoet
Name of the Vulnerable Software and Affected Versions: MailPoet plugin versions prior to 3.23.2 for WordPress Description: The issue allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL, which is a Reflective Server-Side XSS. Recommendations: For MailPo...
Zomato: Remote File Upload Vulnerability in business-blog.zomato.com
hi https://business-blog.zomato.com installed an outdated MailPoet Plugin which vulnerable to Remote File Upload Vulnerability in WordPress MailPoet Plugin wysija-newsletters related article: https://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html...
Design/Logic Flaw
Unspecified vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.8 for WordPress has unspecified impact and attack vectors...