The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as administrators to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example on multisite or when DISALLOW_UNFILTERED_HTML is set), since that capability only governs core's content filtering and does not protect plugin-managed option fields.
1. Go to the Mailing list option and register a new subscriber with the value `"autofocus onfocus=alert(1)//` in both the email and name fields.
2. Click on edit subscriber: the stored value is written unescaped into the field's value attribute, the leading double quote closes the attribute, the injected autofocus/onfocus attributes are parsed, and alert(1) fires as soon as the page loads.
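The following is an added illustration and not the plugin's own code: a minimal, hypothetical subscriber-settings handler written against the real WordPress API, showing the unsanitized save-and-echo pattern that produces the bug above next to the hardened form (sanitize on input, escape on output, and check capability and nonce). The option name, field names and function names are assumptions for the example.

```php
<?php
// Added example (hypothetical handler, not bft-autoresponder's code).
// Only the WordPress API calls (update_option, get_option, esc_attr, ...) are real.

// --- Vulnerable pattern: raw POST data is stored and later echoed unescaped ---
function vuln_save_subscriber() {
    $subscriber = array(
        'name'  => $_POST['name'],   // stored as-is, no sanitization
        'email' => $_POST['email'],  // stored as-is, no sanitization
    );
    update_option( 'example_subscriber', $subscriber );
}

function vuln_edit_subscriber_form() {
    $s = get_option( 'example_subscriber' );
    // A stored value of  "autofocus onfocus=alert(1)//  closes the value
    // attribute and appends new attributes; the field is focused on load,
    // so the onfocus handler runs. unfiltered_html plays no part here.
    echo '<input type="text" name="name" value="' . $s['name'] . '">';
    echo '<input type="text" name="email" value="' . $s['email'] . '">';
}

// --- Hardened pattern: capability + nonce, sanitize on input, escape on output ---
function safe_save_subscriber() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'example_save_subscriber' );

    $subscriber = array(
        // sanitize_text_field() strips tags and control characters;
        // sanitize_email() rejects anything that is not a valid address.
        'name'  => sanitize_text_field( wp_unslash( $_POST['name'] ?? '' ) ),
        'email' => sanitize_email( wp_unslash( $_POST['email'] ?? '' ) ),
    );
    update_option( 'example_subscriber', $subscriber );
}

function safe_edit_subscriber_form() {
    $s = get_option( 'example_subscriber', array( 'name' => '', 'email' => '' ) );
    // esc_attr() encodes " as &quot;, so the payload stays inert attribute text
    // even if an unsanitized value somehow reached the database.
    echo '<input type="text" name="name" value="' . esc_attr( $s['name'] ) . '">';
    echo '<input type="email" name="email" value="' . esc_attr( $s['email'] ) . '">';
    wp_nonce_field( 'example_save_subscriber' );
}
```

The two halves are independent defences: sanitizing on save limits what is stored, escaping on output guarantees that whatever is stored cannot change the HTML context it is printed into. Relying on the unfiltered_html capability is not a substitute for either, because core applies kses filtering to post content, not to arbitrary option values a plugin writes and reads itself.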
| CPE | Name | Operator | Version |
|---|---|---|---|
| | bft-autoresponder | lt | 2.1.7.2 |