Vulnerabilities > Wpmailster

DATE CVE VULNERABILITY TITLE RISK
2021-10-21 CVE-2021-28975 Cross-site Scripting vulnerability in Wpmailster WP Mailster 1.6.18
WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's details in the mst_servers page, for a crafted server_host, server_name, or connection_parameter parameter.
network
low complexity
wpmailster CWE-79
6.1
2017-12-07 CVE-2017-17451 Cross-site Scripting vulnerability in Wpmailster WP Mailster
The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
network
low complexity
wpmailster CWE-79
6.1