Search Results (2 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-47778 2 Get-simple, Netexplorer 2 Getsimplecms, My Smtp Contact 2026-07-15 7.2 High
GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server.
CVE-2021-29400 1 Netexplorer 1 My Smtp Contact 2024-11-21 6.5 Medium
A cross-site request forgery (CSRF) vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site.