Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/05/23 2:5 a.m.12 views

CVE-2023-6621

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00401EPSS
Exploits2References1
circl
circl
added 2024/01/03 10:27 a.m.6 views

CVE-2023-6621

creationtimestamp| type| source ---|---|--- 2024-01-03 10:27:07+00:00| seen| https://t.me/ctinow/162296 2024-01-04 01:34:58+00:00| seen| https://t.me/cibsecurity/74309 2024-01-05 14:42:26+00:00| seen| https://t.me/arpsyndicate/2484 2024-01-09 21:16:39+00:00| seen| https://t.me/ctinow/165371...

6.1CVSS6AI score0.00401EPSS
Exploits2References5
nvd
nvd
added 2024/01/03 9:15 a.m.23 views

CVE-2023-6621

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00401EPSS
Exploits2References1
cvelist
cvelist
added 2024/01/03 8:32 a.m.31 views

CVE-2023-6621 Post SMTP < 2.8.7 - Reflected Cross-Site Scripting

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00401EPSS
Exploits2References1
osv
osv
added 2024/01/03 8:32 a.m.5 views

CVE-2023-6621 Post SMTP < 2.8.7 - Reflected Cross-Site Scripting

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.4AI score0.00401EPSS
Exploits2References4
cve
cve
added 2024/01/03 8:32 a.m.51 views

CVE-2023-6621

The CVE-2023-6621 entry applies to the WordPress Post SMTP plugin (versions before 2.8.7). Root cause: the msg parameter is not sanitized/escaped before echoing back on the page, causing a Reflected Cross-Site Scripting vulnerability. Impact: could affect high-privilege users such as admins; CVSS...

6.1CVSS6AI score0.00401EPSS
Exploits2References1Affected Software1
vulnrichment
vulnrichment
added 2024/01/03 8:32 a.m.4 views

CVE-2023-6621 Post SMTP < 2.8.7 - Reflected Cross-Site Scripting

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00401EPSS
Exploits2References1
Rows per page
Query Builder