Description
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Configure categories" field under the "Categorise Lists" module.
Remediation
References
Related Vulnerabilities
WordPress Plugin ThinkIT WP Contact Form Multiple Vulnerabilities (0.2)
WordPress Plugin YITH WooCommerce Questions and Answers Security Bypass (1.1.9)
WordPress Plugin Testimonials Widget Cross-Site Scripting (3.5.1)
MediaWiki Improper Authentication Vulnerability (CVE-2013-4304)
WordPress Plugin WP Inventory Manager Unspecified Vulnerability (1.8.1)