CVE-2017-5942

Published: 2017-02-10T07:59Z

Last Modified: 2024-11-21T03:28Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt