V1n1v131r4/Exploiting-Postie-WordPress-Plugin-
GitHub
Releases0
Stars3
This PoC describe how to exploit Postie WordPress plugin v1.9.40
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 5.4 MEDIUM | 3.5 LOW | ||
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/* at the beginning and a crafted SVG element. | |||
| 5.3 MEDIUM | 5 MEDIUM | ||
The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message. | |||