2 matches found
CVE-2023-50844
CVE-2023-50844 is a SQL Injection flaw in the WordPress plugin “Mail logging – WP Mail Catcher,” caused by improper neutralization of input in an SQL command. Affected versions are listed as from n/a through 2.1.3. The vulnerability has been patched; users should update to a fixed release. The ba...
CVE-2023-3080
CVE-2023-3080: WP Mail Catcher for WordPress is vulnerable to unauthenticated Stored XSS via the email subject in versions up to 2.1.2 due to insufficient input sanitization and output escaping. Exploitation would occur when an affected admin page is loaded. A fix is available in version 2.1.3. C...