Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin WordPress Email Template Designer-WP HTML Mail HTML Injection - Vulnerability Database
WP Plugin Wp Html Mail

WordPress Plugin WordPress Email Template Designer-WP HTML Mail HTML Injection

Medium
Reference: No Reference
Title: WordPress Plugin WordPress Email Template Designer-WP HTML Mail HTML Injection
Overview:

WordPress Plugin WordPress Email Template Designer-WP HTML Mail is prone to an HTML injection vulnerability because it fails to properly sanitize user-supplied input. Attacker supplied HTML and script code would run in the context of the affected browser potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user other attacks are also possible. WordPress Plugin WordPress Email Template Designer-WP HTML Mail version 2.9.0.3 is vulnerable prior versions may also be affected.