Limited Black Friday Offer:
Security for everyone

WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS) CVE-2017-17451 Scanner

Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.

SCAN NOW

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS) CVE-2017-17451 Scanner Detail

The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.