| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| CVE-2021-24528 | 30 Aug 202118:32 | β | circl | |
| WordPress ζδ»Άθ·¨η«θζ¬ζΌζ΄ | 30 Aug 202100:00 | β | cnnvd | |
| CVE-2021-24528 FluentSMTP < 2.0.1 - Authenticated Stored XSS | 30 Aug 202114:11 | β | cvelist | |
| EUVD-2021-11440 | 7 Oct 202500:30 | β | euvd | |
| CVE-2021-24528 | 30 Aug 202115:15 | β | nvd | |
| WordPress FluentSMTP Plugin < 2.0.1 XSS Vulnerability | 27 Mar 202300:00 | β | openvas | |
| CVE-2021-24528 | 30 Aug 202115:15 | β | osv | |
| WordPress FluentSMTP plugin <= 2.0.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | 29 Jul 202100:00 | β | patchstack | |
| Cross site scripting | 30 Aug 202115:15 | β | prion | |
| CVE-2021-24528 | 22 May 202518:24 | β | redhatcve |
[
{
"product": "FluentSMTP β WordPress Mail SMTP, SES, SendGrid, Mailgun and Any SMTP Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.1",
"status": "affected",
"version": "2.0.1",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| connection[sender_name] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| connection[sender_email] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| connection[force_from_name] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| connection[force_from_email] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| connection[return_path] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| connection[key_store] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| connection[provider] | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
| nonce | request body | wp-admin/admin-ajax.php | Stored XSS via unsanitized settings in FluentSMTP plugin allowing injected HTML/JS through settings parameters. | CWE-79 |
Data
Build on a solid foundation withΒ Vulners data
WeΒ provide theΒ essential building blocks forΒ cybersecurity solutions withΒ comprehensive, structured, andΒ constantly updated vulnerability andΒ exploits data
Api
Power your application withΒ Vulners API
The Vulners REST API offers reliable, high-performance access toΒ vulnerabilityΒ intelligence, withΒ 99.9%Β SLAΒ uptime andΒ CDN-backed data delivery forΒ seamlessΒ global access
App
Assess and manage vulnerabilities withΒ VulnersΒ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation