WordPress Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce plugin <= 2.6.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce versions = 2.6.14...

WordPress Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce Plugin <= 2.6.14 is vulnerable to Cross Site Scripting (XSS)

Software Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce Type Plugin Vulnerable versions = 2.6.14 Fixed in 2.6.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43126 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

CVE-2017-18564

The sender plugin before 1.2.1 for WordPress has multiple XSS issues...

WordPress Sender 0.7 Cross Site Scripting

Plugin Name : Sender Effected Version : 0.7 and most probably lower version's if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Administrator PoC - Proof of Concept : The following fields put the payload as below...