The MailPoet Newsletters plugin for WordPress contains a security flaw. If you have version 2.7.2 or an earlier version of the plugin, attackers could inject malicious web scripts onto pages using the ‘encodedForm’ parameter. This would occur if they were able to trick a user into performing an action, such as clicking on a link. To protect yourself, make sure you’re using the latest version of the plugin.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
