Security for everyone

CVE-2017-18564 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Sender plugin for WordPress affects v. before 1.2.1.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4



The Sender plugin for WordPress is a widely-used tool that enables website owners to quickly and easily send emails. This plugin facilitates communication between website visitors and the site operator by allowing for efficient messaging through customizable forms and templates. With its user-friendly interface and customizable options, the Sender plugin has become a popular choice for website owners seeking to streamline their email communications process.

However, the plugin has been found to have multiple XSS (cross-site scripting) vulnerabilities. One such vulnerability is known as CVE-2017-18564. This vulnerability allows attackers to inject malicious code into the plugin's script, enabling them to execute arbitrary code or steal sensitive information from a website's visitors or operators.

If exploited, CVE-2017-18564 can lead to serious consequences, including compromised user data, system access, and control over website functions. The vulnerability allows attackers to execute malicious code within the context of a user's browser, allowing them to gain access to sensitive information like login credentials, personal data, and payment details. They can also use this vulnerability to steal cookies and session IDs, gaining access to sensitive website functions like admin panels.

In conclusion, while the Sender plugin for WordPress is a useful tool for website operators, it is important to be aware of the potential security risks that come with using it. By taking appropriate precautions, website owners can protect against vulnerabilities like CVE-2017-18564 and keep their sensitive data and website functions safe. By utilizing the pro features of the platform, website operators can quickly learn about potential vulnerabilities and take action to protect their digital assets.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture