4 matches found
Newsletter & Bulk Email Sender <= 2.0.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress Plugin Newsletter & Bulk Email Sender Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Newsletter & Bulk Email...
CVE-2023-45829
CVE-2023-45829 is a Stored XSS in the HappyBox Newsletter & Bulk Email Sender WordPress plugin (versions ≤ 2.0.1). Authenticated users with contributor+ permissions can exploit input handling that does not properly validate/escape parameters, enabling stored script execution. Impact per sources i...
WordPress Newsletter & Bulk Email Sender Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Newsletter & Bulk Email Sender Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45829 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 83ca41771be8 Credits thiennv...