Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date, or (4) Subject field of an email.
References
Configurations
Information
Published : 2014-06-20 07:55
Updated : 2017-08-28 18:31
NVD link : CVE-2012-2579
Mitre link : CVE-2012-2579
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
wp_simplemail_project
- wp_simplemail