3 matches found
CVE-2012-6628
Multiple cross-site scripting XSS vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 xyzemcampName to admin/createcampaign.php or 2 admin/editcampaign.php, 3 xyzememail parameter to admin/editemail.ph...
CVE-2012-6628
Multiple cross-site scripting XSS vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 xyzemcampName to admin/createcampaign.php or 2 admin/editcampaign.php, 3 xyzememail parameter to admin/editemail.ph...
CVE-2012-6628
CVE-2012-6628 reports multiple cross-site scripting (XSS) vulnerabilities in the WordPress Newsletter Manager plugin before 1.0.2. The issue allows remote attackers to inject arbitrary script/HTML via one of five vectors: (1) xyz_em_campName to admin/create_campaign.php, (2) xyz_em_campName to ad...