The POST SMTP Mailer WordPress plugin before 2.7.1 does not escape email message content before displaying it in the backend, allowing an unauthenticated attacker to perform XSS attacks against highly privileged users.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: WPScan
Published: 2023-11-27T16:22:03.963Z
Updated: 2024-08-02T08:14:25.133Z
Reserved: 2023-11-03T19:08:32.554Z
Link: CVE-2023-5958

No data.

Status : Modified
Published: 2023-11-27T17:15:09.623
Modified: 2024-11-21T08:42:51.820
Link: CVE-2023-5958

No data.