Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:5 a.m.12 views

CVE-2023-6621

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00401EPSS
Exploits2References1
Circl
Circl
added 2024/01/03 10:27 a.m.6 views

CVE-2023-6621

creationtimestamp| type| source ---|---|--- 2024-01-03 10:27:07+00:00| seen| https://t.me/ctinow/162296 2024-01-04 01:34:58+00:00| seen| https://t.me/cibsecurity/74309 2024-01-05 14:42:26+00:00| seen| https://t.me/arpsyndicate/2484 2024-01-09 21:16:39+00:00| seen| https://t.me/ctinow/165371...

6.1CVSS6AI score0.00401EPSS
Exploits2References5
NVD
NVD
added 2024/01/03 9:15 a.m.23 views

CVE-2023-6621

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00401EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/01/03 8:32 a.m.31 views

CVE-2023-6621 Post SMTP < 2.8.7 - Reflected Cross-Site Scripting

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00401EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/01/03 8:32 a.m.4 views

CVE-2023-6621 Post SMTP < 2.8.7 - Reflected Cross-Site Scripting

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00401EPSS
Exploits2References1
CVE
CVE
added 2024/01/03 8:32 a.m.52 views

CVE-2023-6621

The CVE-2023-6621 entry applies to the WordPress Post SMTP plugin (versions before 2.8.7). Root cause: the msg parameter is not sanitized/escaped before echoing back on the page, causing a Reflected Cross-Site Scripting vulnerability. Impact: could affect high-privilege users such as admins; CVSS...

6.1CVSS6AI score0.00401EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/01/03 8:32 a.m.5 views

CVE-2023-6621 Post SMTP < 2.8.7 - Reflected Cross-Site Scripting

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.4AI score0.00401EPSS
Exploits2References4
Rows per page
Query Builder