Wp Mailster Security Vulnerabilities and Issues — Wp Mailster CVE List

Lucene search

WpmailsterWp Mailster

6 matches found

CVE•added 2024/12/06 2:15 p.m.•55 views

CVE-2024-53804

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0.

7.5CVSS7.6AI score0.00168EPSS

CVE•added 2024/12/03 10:15 a.m.•54 views

CVE-2024-11782

The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mst_subscribe' shortcode in all versions up to, and including, 1.8.17.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.7AI score0.00038EPSS

CVE•added 2024/12/06 2:15 p.m.•47 views

CVE-2024-53805

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.

9.8CVSS7.6AI score0.00254EPSS

CVE•added 2024/12/06 2:15 p.m.•44 views

CVE-2024-53803

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.

8.8CVSS6.5AI score0.00197EPSS

CVE•added 2024/12/16 3:15 p.m.•42 views

CVE-2024-54355

Cross-Site Request Forgery (CSRF) vulnerability in brandtoss WP Mailster allows Cross Site Request Forgery.This issue affects WP Mailster: from n/a through 1.8.17.0.

8.8CVSS4.7AI score0.00023EPSS

CVE•added 2024/12/06 2:15 p.m.•39 views

CVE-2024-53807

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0.

9.8CVSS8.8AI score0.0015EPSS