Exploit Report

Computer Security And Bug Information


CVE Title
Published Date2023-03-13T17:15Z
Modified Date2023-03-16T15:53Z
CWE TypeCWE-79
DescriptionThe FluentSMTP WordPress plugin before 2.2.3 does not sanitize or escape email content, making it vulnerable to stored cross-site scripting attacks (XSS) when an administrator views the email logs. This exploit requires other plugins to enable users to send emails with unfiltered HTML.
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://wpscan.com/vulnerability/71662b72-311c-42db-86c5-a0276d25535c
Reference DescriptionMISC https://wpscan.com/vulnerability/71662b72-311c-42db-86c5-a0276d25535c
Reference Description
TagsExploit Third Party Advisory

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles