4 matches found
CVE-2025-2325
The WP Test Email plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email Logs in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2025-2325 WP Test Email <= 1.1.8 - Unauthenticated Stored Cross-Site Scripting
The WP Test Email plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email Logs in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2025-2325
CVE-2025-2325 affects the WordPress plugin WP Test Email. The vulnerability is an unauthenticated stored XSS via Email Logs in all versions up to 1.1.8, caused by insufficient input sanitization and output escaping. Exploitation could inject scripts that execute when users load injected pages. Th...
CVE-2025-2325 WP Test Email <= 1.1.8 - Unauthenticated Stored Cross-Site Scripting
The WP Test Email plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email Logs in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...