Vulnerability Details: Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Simple Newsletter Plugin

Two weeks ago a user, yuyang998, on the wordpress.org Support Forum disclosed that the plugin Simple Newsletter Plugin has either a persistent or reflected cross-site scripting (XSS) vulnerability. On the thread for one of their others disclosures, we asked if they would be disclosing the details of them somewhere and didn’t get an answer in their response, […]

You may also like...