20K WordPress Sites Exposed by Insecure Plugin REST-API – Threatpost

[ad_1]

wordpress plugin

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.

More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing scams and more as the result of a high-severity cross-site scripting (XSS) bug discovered in the WordPress Email Template Designer – WP HTML Mail, a plugin for designing custom emails.

The new vulnerability (CVE-2022-0218, CVSS score 8.3) was found by Wordfence researcher Chloe…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *