5 matches found
CVE-2023-7027
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This...
WordPress POST SMTP Mailer 2.8.7 Authorization Bypass / Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress = 2.8.7 – Authorization Bypass via type connect-app API Affected Plugin: POST SMTP Mailer – Email log, Delivery Failure Notifications and Be...
CVE-2023-7027
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This...
CVE-2023-7027
The CVE-2023-7027 vulnerability affects the WordPress Post SMTP Mailer plugin (WPExperts) for WordPress, with all versions up to 2.8.7 vulnerable to Stored Cross-Site Scripting via the device header due to insufficient input sanitization and output escaping. This permits unauthenticated attackers...
WordPress Post SMTP Plugin <= 2.8.7 is vulnerable to Cross Site Scripting (XSS)
Software Post SMTP Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7027 Patch priority Medium CVSS severity Medium 7.1 Developer WPExperts PSID 7142ca21bf69 Credits Sean Murphy Required privilege...