Lucene search
+L

CVE-2021-24528

🗓️ 30 Aug 2021 15:15:07Reported by GoogleType 
osv
 osv
🔗 osv.dev👁 3 Views

FluentSMTP before 2.0.1 stores plugin settings unsafely, enabling stored cross site scripting by users with plugin management rights.

Related
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2021-24528
30 Aug 202118:32
circl
CNNVD
WordPress 插件跨站脚本漏洞
30 Aug 202100:00
cnnvd
CVE
CVE-2021-24528
30 Aug 202114:11
cve
Cvelist
CVE-2021-24528 FluentSMTP < 2.0.1 - Authenticated Stored XSS
30 Aug 202114:11
cvelist
EUVD
EUVD-2021-11440
7 Oct 202500:30
euvd
NVD
CVE-2021-24528
30 Aug 202115:15
nvd
OpenVAS
WordPress FluentSMTP Plugin < 2.0.1 XSS Vulnerability
27 Mar 202300:00
openvas
Patchstack
WordPress FluentSMTP plugin <= 2.0.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
29 Jul 202100:00
patchstack
Prion
Cross site scripting
30 Aug 202115:15
prion
RedhatCVE
CVE-2021-24528
22 May 202518:24
redhatcve
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 May 2026 08:34Current
5.3Medium risk
Vulners AI Score5.3
CVSS 3.15.4
EPSS0.00624
3