CVE-2012-2580

Currently unrated

Key Information:

Vendor: Wordpress
Status: Postie
Vendor: CVE Published:; 20 June 2014

Summary

Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, and possibly before 1.5.15, for WordPress allows remote attackers to inject arbitrary web script or HTML via the From field of an email.

References

http://osvdb.org/84532

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/77537

vdb-entryx_refsource_XF

http://secunia.com/advisories/50207

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 20, 2014
Vulnerability Reserved
May 9, 2012