Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FluentSMTP < 2.2.3 - Stored XSS via Email Logs
Vulnerability Description
The FluentSMTP WordPress plugin before 2.2.3 does not sanitize or escape email content, making it vulnerable to stored cross-site scripting attacks (XSS) when an administrator views the email logs. This exploit requires other plugins to enable users to send emails with unfiltered HTML.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress Plugin FluentSMTP 跨站脚本漏洞
Vulnerability Description
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin FluentSMTP 2.2.3之前版本存在跨站脚本漏洞,该漏洞源于该插件不会对电子邮件内容进行清理或转义,使其在管理员查看电子邮件日志时容易受到存储的跨站脚本攻击 (XSS)。
CVSS Information
N/A
Vulnerability Type
N/A