CVE-2017-5942
An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
wp_mail_project | wp_mail | 𝑥 ≤ 1.1 |
Common Weakness Enumeration