cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11782,https://securityvulnerability.io/vulnerability/CVE-2024-11782,Plugin Vulnerability Affects WordPress Sites,"The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mst_subscribe' shortcode in all versions up to, and including, 1.8.17.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,WP Mailster,6.4,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-12-03T09:32:01.713Z,0
CVE-2017-17451,https://securityvulnerability.io/vulnerability/CVE-2017-17451,,The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.,Wordpress,WP Mailster,6.1,MEDIUM,0.002520000096410513,false,,false,false,false,,false,false,2017-12-07T00:00:00.000Z,0