CVE-2017-17451 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in WP Mailster plugin for WordPress affects v. before 1.5.5.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Time Interval
792 sec
Scan only one
Url
Toolbox
-
WP Mailster is a popular email marketing plugin for WordPress which allows website owners to send newsletters and email campaigns to their subscribers. With a user-friendly interface and a wide range of features, WP Mailster makes it easy for businesses to reach out to their customers and keep them engaged.
However, despite its popularity and usefulness, WP Mailster has been found to have a critical security flaw in the form of the CVE-2017-17451 vulnerability. This vulnerability exists in the unsubscribe handler, specifically via the mes parameter to view/subscription/unsubscribe2.php. This vulnerability allows malicious actors to inject malicious code into the website, compromising user data and potentially even taking over the entire site.
If exploited, the CVE-2017-17451 vulnerability in WP Mailster can lead to devastating consequences for website owners and their customers. Malicious actors can potentially gain unauthorized access to sensitive user data, such as email addresses, payment details, and even personal information. This can result in severe financial and reputational damage to website owners, and significant inconvenience and harm to their customers.
At s4e.io, our pro features allow users to easily and quickly scan their digital assets for vulnerabilities, including the CVE-2017-17451 vulnerability. With our platform, users can rest assured that their digital assets are secure and protected against potential attacks. Don't wait until it's too late to protect your website - sign up for our pro features today.
REFERENCES