Security Advisory

CVE-2023-5958

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-27 16:22:03

Last updated 2024-08-02 08:14:25

Assigner WPScan

State PUBLISHED

Description

The POST SMTP Mailer WordPress plugin before 2.7.1 does not escape email message content before displaying it in the backend, allowing an unauthenticated attacker to perform XSS attacks against highly privileged users.

← Browse all CVEs View on cve.org ↗