← volver
CVE-2021-47830

GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF

CVSS 5.1 MEDIUMEPSS 0.3%CWE-352
GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not directly enable remote code execution.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
GetSimple CMS · My SMTP Contact Plugin

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://get-simple.infohttps://github.com/GetSimpleCMS/GetSimpleCMShttps://www.exploit-db.com/exploits/49774https://www.exploit-db.com/exploits/49798https://www.vulncheck.com/advisories/getsimple-cms-my-smtp-contact-plugin-csrf