VYPR
Unrated severityNVD Advisory· Published Jan 16, 2014· Updated Jun 16, 2026

CVE-2012-6627

CVE-2012-6627

Description

Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Affected products

4
  • cpe:2.3:a:xyzscripts:newsletter_manager:1.0.1:-:-:*:-:wordpress:*:*+ 2 more
    • cpe:2.3:a:xyzscripts:newsletter_manager:1.0.1:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:xyzscripts:newsletter_manager:1.0:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:xyzscripts:newsletter_manager:*:-:-:*:-:wordpress:*:*range: <=1.0.2
  • Range: <=1.0.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.