CVE-2012-2579
Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date, or (4) Subject field of an email.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0161 (1.6%)
Percentile: 81.9%
EPSS: 2026-05-06
Affects
wp_simplemail_project:wp_simplemailTechnical description
Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date, or (4) Subject field of an email.
Published: 6/20/2014, 2:55:05 PM
Last modified: 5/6/2026, 10:30:45 PM