← voltar
CVE-2021-47830

GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF

CVSS 5.1 MEDIUMEPSS 0.3%CWE-352
GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not directly enable remote code execution.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Produtos afetados
GetSimple CMS · My SMTP Contact Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://get-simple.infohttps://github.com/GetSimpleCMS/GetSimpleCMShttps://www.exploit-db.com/exploits/49774https://www.exploit-db.com/exploits/49798https://www.vulncheck.com/advisories/getsimple-cms-my-smtp-contact-plugin-csrf