Published: 21/02/2017 Updated: 13/03/2019

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 655

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

A SQL injection issue exists in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mail-masta project mail-masta 1.0

# Exploit Title: Multiple SQL injection vulnerabilities in Mail Masta (aka mail-masta) plugin 10 for Wordpress # Date: 02/18/2017 # Exploit Author: Hanley Shun # Vendor Homepage: wpcorecom/plugin/mail-masta # Software Link: wwwexploit-dbcom/apps/78745b48b15bf2b81153556ef1c8ec48-mail-mastazip # Version: 10 # Tested on: Kali Li ...

WordPress Mail Masta plugin version 10 suffers from a remote SQL injection vulnerability ...

CWE-89 https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin https://wpvulndb.com/vulnerabilities/8740 https://www.exploit-db.com/exploits/41438/https://nvd.nist.gov https://www.exploit-db.com/exploits/41438/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6096

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect