Cross-site scripting (XSS) vulnerability in the ThreeWP Email Reflector plugin before 1.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Subject of an email.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-06-19 07:55
Updated : 2017-08-28 18:31
NVD link : CVE-2012-2572
Mitre link : CVE-2012-2572
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
mindreantre
- threewp_email_reflector