2 matches found
SMTP Injection
Overview aiosmtplib is an aiosmtplib is an asynchronous SMTP client for use with asyncio. Affected versions of this package are vulnerable to SMTP Injection. It is possible to insert an arbitrary SMTP command through the hostname or the sourceaddress field. PoC python import asyncio from...
WordPress Contact Form Entries 1.1.6 Cross Site Scripting
Exploit Title: WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting XSS Unauthenticated Date: 22/12/2021 Exploit Author: gx1 Vulnerability Discovery: Gaetano Perrone Vendor Homepage: https://www.crmperks.com/ Software Link: https://wordpress.org/plugins/contact-form-entries/ Version...