Wpmailster Wp_mailster

12 CVEs affecting Wpmailster Wp_mailster. Latest disclosed: 2025-02-04. Critical: 0, High: 5.

Top CVEs affecting Wpmailster Wp_mailster
CVESeverityScorePublishedSummary
CVE-2024-53807High8.52024-12-06Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Inject…
CVE-2024-53805High7.52024-12-06Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff…
CVE-2024-53804High7.52024-12-06Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects…
CVE-2025-24598High7.12025-02-04Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Reflected XSS.Th…
CVE-2025-24559High7.12025-02-03Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Reflected XSS.Th…
CVE-2024-53803Medium6.52024-12-06Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff…
CVE-2024-53737Medium6.52024-11-28Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Stored XSS.This…
CVE-2024-11782Medium6.42024-12-03The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mst_subscribe' shortcode in all versions up to, and includi…
CVE-2021-28975Medium6.12021-10-21WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's details in the mst_servers page, for a crafted server_host, server_name, or connection_para…
CVE-2017-17451Medium6.12017-12-07The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
CVE-2025-22303Medium5.32025-01-07Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects…
CVE-2024-54355Medium4.32024-12-16Cross-Site Request Forgery (CSRF) vulnerability in brandtoss WP Mailster wp-mailster allows Cross Site Request Forgery.This issue affects WP Mailster: from n/a…