2 matches found
CVE-2024-10103 MailPoet < 5.3.2 - Admin+ Stored XSS
In the process of testing the MailPoet WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor...
WordPress MailPoet Plugin < 5.3.2 is vulnerable to Cross Site Scripting (XSS)
Software MailPoet Type Plugin Vulnerable versions 5.3.2 Fixed in 5.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10103 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9750d9962a7d Credits Dmitrii Ignatyev Required...