Mail Masta 1.0 - Multiple SQL Injection



Description
Multiple SQL Injection vulnerabilities in Mail Masta Plugin version 1.0 for WordPress.

Please note that this Plugin was removed from the WordPress repository in 2016.
Proof of Concept
Please refer to: https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin

Affects Plugin

References

CVE 2017-6095
CVE 2017-6096
CVE 2017-6097
CVE 2017-6098
URL https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Submitter Hanley Shun
Submitter Website https://github.com/hamkovic/
Views 4808
Verified No
WPVDB ID 8740

Timeline

Publicly Published 2017-02-18 (over 2 years ago)
Added 2017-02-23 (over 2 years ago)
Last Updated 2017-02-23 (over 2 years ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin