Wp Mailster Security Vulnerabilities and Issues — Wp Mailster CVE List

Lucene search

WpmailsterWp Mailster

4 matches found

CVE•added 2024/12/03 10:15 a.m.•54 views

CVE-2024-11782

The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mst_subscribe' shortcode in all versions up to, and including, 1.8.17.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.7AI score0.00038EPSS

CVE•added 2017/12/07 12:29 a.m.•43 views

CVE-2017-17451

The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.

6.1CVSS6AI score0.16393EPSS

CVE•added 2024/11/28 11:15 a.m.•40 views

CVE-2024-53737

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Mailster allows Stored XSS.This issue affects WP Mailster: from n/a through 1.8.16.0.

6.5CVSS6.5AI score0.00034EPSS

CVE•added 2021/10/21 4:15 p.m.•34 views

CVE-2021-28975

WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's details in the mst_servers page, for a crafted server_host, server_name, or connection_parameter parameter.

6.1CVSS5.9AI score0.0021EPSS