Envialosimple: >> Email Marketing Y Newsletters >> 1.97 Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters (envialosimple-email-marketing-y-newsletters-gratis) plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) FormID or (2) AdministratorID parameter.
CVSS Score
4.3
EPSS Score
0.002
Published
2014-07-02