Cross-Site Scripting Flaw in WP Ultimate Email Marketer Plugin by WordPress
CVE-2013-3263

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP Ultimate Email Marketer Plugin
Vendor: CVE Published:; 5 November 2013

Summary

Multiple vulnerabilities within the WP Ultimate Email Marketer plugin facilitate cross-site scripting attacks, enabling remote attackers to execute arbitrary web scripts or HTML. This is achieved through various parameters in the plugin's functionalities, including those relating to campaign management and email templates. Exploiting these XSS vulnerabilities could lead to unauthorized actions on behalf of users, potentially compromising sensitive information.

References

http://secunia.com/advisories/53170

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/62621

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 5, 2013