Cross-Site Scripting Vulnerability in Newsletter Manager Plugin by WordPress
CVE-2012-6627

Currently unrated

Key Information:

Vendor: Wordpress
Status: Newsletter Manager
Vendor: CVE Published:; 16 January 2014

What is CVE-2012-6627?

A Cross-Site Scripting (XSS) vulnerability exists in the Newsletter Manager plugin, specifically within the admin/test_mail.php file. This issue allows remote attackers to inject arbitrary web scripts or HTML via the 'id' parameter. Exploitation of this vulnerability could lead to unauthorized actions on behalf of users of the affected site, making it crucial for website administrators to ensure they are using updated and secure versions of the plugin.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.org/files/112694/WordPress-New...

x_refsource_MISC

http://secunia.com/advisories/49152

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 16, 2014

JSON

Wordpress

What is CVE-2012-6627?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.