4 matches found
CVE-2023-38387
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Elastic Email Sender plugin = 1.2.6 versions...
CVE-2023-38387
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Elastic Email Sender plugin = 1.2.6 versions...
CVE-2023-38387
CVE-2023-38387 affects the WordPress Elastic Email Sender plugin. The vulnerability is an authenticated (admin+) Stored XSS in versions <= 1.2.6. The connected PT Security entry (PT-2023-26396) recommends updating to a version later than 1.2.6 to fix the issue. Public vulnerability databases (...
WordPress Elastic Email Sender Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)
Software Elastic Email Sender Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-38387 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9e6f7efb17d9 Credits yuyudhn Required...