WordPress Plugin Vulnerabilities

Mini Mail Dashboard Widget 1.42 - Message Body XSS

Description

The mini-mail-dashboard-widget WordPress plugin was affected by a Message Body XSS security vulnerability.

Affects Plugins

Plugin icon
mini-mail-dashboard-widget
Fixed in 1.43

References

CVE
CVE-2012-2583
Exploitdb
20358

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
ffdcfe31-5670-484f-a8e7-84a953aa7ee8

Timeline

Publicly Published
2012-08-08 (about 13 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-11-28 (about 6 years ago)

Other

Published
Title
Published
2021-05-17
Title
Funnel Builder by CartFlows < 1.6.13 - Authenticated Stored XSS via FB Pixel ID and Google Analytics ID
Published
2022-12-02
Title
Bulk Delete Users by Email < 2.0.0 - Reflected Cross-Site Scripting
Published
2024-06-17
Title
Interface < 3.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-02-13
Title
Product GTIN (EAN, UPC, ISBN) for WooCommerce <= 1.1.1 - Contributor+ Stored XSS
Published
2023-02-20
Title
WordPress Custom Settings <= 1.0 - Admin+ Stored XSS