CVE-2025-64203 WordPress Mailster plugin < 4.1.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EverPress Mailster mailster allows Reflected XSS.This issue affects Mailster: from n/a through 4.1.14...

CVE-2025-24559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brandtoss WP Mailster allows Reflected XSS. This issue affects WP Mailster: from n/a through 1.8.15.0...

CVE-2025-22303

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.17.0...

WordPress plugin WP Mailster 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site reques...

CVE-2024-53805

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0...

CVE-2024-53803

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0...

PT-2024-35918

Name of the Vulnerable Software and Affected Versions WP Mailster versions 1.8.16.0 and earlier Description The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. This can potentially expose confidential information. Recommendations...

PT-2024-35917 · Brandtoss · Wp Mailster

Name of the Vulnerable Software and Affected Versions: WP Mailster versions 1.8.16.0 and earlier Description: The issue is related to a Missing Authorization vulnerability in brandtoss WP Mailster, which allows exploiting incorrectly configured access control security levels. Recommendations: For...

PT-2024-17254 · WordPress · Wp Mailster

Name of the Vulnerable Software and Affected Versions: WP Mailster plugin for WordPress versions up to, and including, 1.8.17.0 Description: The issue is related to stored cross-site scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the mst...

WordPress plugin WP Mailster 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...

CVE-2024-37433 WordPress Mailster plugin <= 4.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EverPress Mailster mailster.This issue affects Mailster: from n/a through = 4.0.9...

WordPress Mailster Plugin <= 4.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Mailster Type Plugin Vulnerable versions = 4.0.9 Fixed in 4.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37433 Patch priority Medium CVSS severity Medium 7.1 Developer EverPress PSID fd696b7f3710 Credits Martin Herancourt Required privilege...

WordPress Mailster plugin <= 4.0.6 - Unauthenticated Local File Inclusion vulnerability

Unauthenticated Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Mailster versions = 4.0.6...