cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-4422,https://securityvulnerability.io/vulnerability/CVE-2021-4422,Cross-Site Request Forgery in POST SMTP Mailer Plugin for WordPress,"The POST SMTP Mailer plugin for WordPress is susceptible to Cross-Site Request Forgery due to inadequate nonce validation on the handleCsvExport() function. This vulnerability allows unauthenticated attackers to potentially trigger a CSV export by crafting a malicious request, deceiving an administrator into executing it through social engineering tactics such as enticing them to click a link.",Wordpress,"Post Smtp Mailer – Email Log, Delivery Failure Notifications And Best Mail Smtp For WordPress",4.3,MEDIUM,0.001449999981559813,false,,false,false,false,,false,false,2023-07-12T06:52:35.453Z,0
CVE-2023-3082,https://securityvulnerability.io/vulnerability/CVE-2023-3082,Stored Cross-Site Scripting Vulnerability in Post SMTP Plugin for WordPress,"The Post SMTP plugin for WordPress is susceptible to Stored Cross-Site Scripting (XSS) due to inadequate input validation and output encoding. This vulnerability allows unauthenticated attackers to embed malicious scripts within email content, which can be executed when other users view an affected page. As a result, it poses a significant risk to users by compromising their session, potentially revealing sensitive data or allowing for further exploitation of the site.",Wordpress,"POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress",6.1,MEDIUM,0.0008500000112690032,false,,false,false,false,,false,false,2023-07-12T05:15:00.000Z,0