CVE-2013-10026
The CVE targets the WordPress Mail Subscribe List Plugin versions up to 2.0.10. A cross-site scripting flaw arises from manipulating the index.php parameters sml_name and sml_email due to unknown processing, potentially enabling remote exploitation. Remediation: upgrade to version 2.1 (patch 4849...