CVE-2021-38354
The issue is a Reflected Cross-Site Scripting vulnerability in the WordPress plugin GNU-Mailman Integration (versions up to and including 1.0.6). The flaw is triggered via the gm_error parameter in the file path ~/includes/admin/mailing-lists-page.php , allowing an attacker to inject arbitrary we...