A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.
References
Link | Resource |
---|---|
https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin | Exploit Third Party Advisory |
https://wpvulndb.com/vulnerabilities/8740 | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/41438/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2017-02-21 07:59
Updated : 2024-02-04 19:11
NVD link : CVE-2017-6096
Mitre link : CVE-2017-6096
CVE.ORG link : CVE-2017-6096
JSON object : View
Products Affected
mail-masta_project
- mail-masta
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')