Unrated severityNVD Advisory· Published Jan 16, 2014· Updated Jun 16, 2026
CVE-2012-6627
CVE-2012-6627
Description
Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Affected products
4cpe:2.3:a:xyzscripts:newsletter_manager:1.0.1:-:-:*:-:wordpress:*:*+ 2 more
- cpe:2.3:a:xyzscripts:newsletter_manager:1.0.1:-:-:*:-:wordpress:*:*
- cpe:2.3:a:xyzscripts:newsletter_manager:1.0:-:-:*:-:wordpress:*:*
- cpe:2.3:a:xyzscripts:newsletter_manager:*:-:-:*:-:wordpress:*:*range: <=1.0.2
- Range: <=1.0.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.