CVE-2012-2579 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To (2) From (3) Date or (4) Subject field of an email.

Reference

http://osvdb.org/84534 http://secunia.com/advisories/50208 http://www.exploit-db.com/exploits/20361 http://www.securityfocus.com/bid/54905 https://exchange.xforce.ibmcloud.com/vulnerabilities/77538