Medium severity6.1NVD Advisory· Published Feb 10, 2017· Updated Jun 17, 2026
CVE-2017-5942
CVE-2017-5942
Description
An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail.
Affected products
2Patches
Vulnerability mechanics
References
2- cjc.im/advisories/0006/nvdExploitThird Party Advisory
- www.securityfocus.com/bid/96211nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.