Vulnerabilities > Wpmailster > WP Mailster > 1.8.17

DATE CVE VULNERABILITY TITLE RISK
2025-02-04 CVE-2025-24598 Cross-site Scripting vulnerability in Wpmailster WP Mailster
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster allows Reflected XSS.
network
low complexity
wpmailster CWE-79
6.1
6.1
2025-01-07 CVE-2025-22303 Unspecified vulnerability in Wpmailster WP Mailster
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.17.0.
network
low complexity
wpmailster
7.5
7.5
2024-12-03 CVE-2024-11782 Cross-site Scripting vulnerability in Wpmailster WP Mailster
The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mst_subscribe' shortcode in all versions up to, and including, 1.8.17.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpmailster CWE-79
5.4
5.4