CVE-2019-25150 (email_templates)

The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators.

administrators attackers attacks cross-site cross-site request forgery cve email forgery forms html html injection injection phishing plugin request vulnerable wordpress