WordPress GD Mail Queue Plugin <= 4.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin GD Mail Queue versions = 4.3...

ROS-2-1613

2.1613 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-988

2.988 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-1996

2.1996 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 Vulnerability in the Exim message forwarding agent, related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-1894

2.1894 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

CVE-2023-3167

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

Cross site scripting

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167 Mail Queue <= 1.1 - Unauthenticated Stored Cross-Site Scripting via Email Subject

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167 Mail Queue <= 1.1 - Unauthenticated Stored Cross-Site Scripting via Email Subject

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167

CVE-2023-3167 - WordPress Mail Queue plugin : Stored XSS in the Email Subject field affecting WordPress plugins Mail Queue versions up to 1.1 due to insufficient input sanitization and output escaping. Exploitation possible by unauthenticated attackers, injecting scripts that execute when a user ...

CVE-2023-3122 GD Mail Queue <= 3.9.3 - Unauthenticated Stored Cross-Site Scripting via Email

The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3122

CVE-2023-3122 affects the GD Mail Queue plugin for WordPress. A stored XSS flaw arises from insufficient input sanitization and output escaping in email contents for versions up to 3.9.3, allowing unauthenticated attackers to inject scripts that execute when users load injected pages. Public disc...

WordPress Plugin GD Mail Queue 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-23241 · WordPress · Gd Mail Queue

Name of the Vulnerable Software and Affected Versions: GD Mail Queue plugin for WordPress versions up to and including 3.9.3 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts in pages via emai...

WordPress Plugin Mail Queue 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

WordPress Mail Queue Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Mail Queue Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3167 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID fb19b2f489d6 Credits Alex Thomas Required privilege...

Mail Queue < 1.2 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitize and escape user input for the email subject field. This can lead to the injection of arbitrary web scripts that execute whenever a page is accessed...

WordPress GD Mail Queue Plugin <= 3.9.3 is vulnerable to Cross Site Scripting (XSS)

Software GD Mail Queue Type Plugin Vulnerable versions = 3.9.3 Fixed in 4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3122 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1e928c6cc270 Credits Alex Thomas Required privile...

ROS-2-2203

2.2203 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...