Automattic Mailpoet
3 CVEs affecting Automattic Mailpoet. Latest disclosed: 2025-05-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-10103 | Medium | 6.1 | 2024-11-19 | In the process of testing the MailPoet WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the edito… |
CVE-2019-11843 | Medium | 6.1 | 2020-06-02 | The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL (Reflective Se… |
CVE-2024-12743 | Medium | 4.8 | 2025-05-15 | The MailPoet WordPress plugin before 5.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform… |