VYPR
Medium severity6.1NVD Advisory· Published Feb 10, 2017· Updated Jun 17, 2026

CVE-2017-5942

CVE-2017-5942

Description

An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.