CVE-2021-47830
GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not directly enable remote code execution.
| CWE | CWE-352 |
| Vendor | getsimple cms |
| Product | my smtp contact plugin |
| Published | Jan 21, 2026 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for getsimple cms my smtp contact plugin
Be the first to know when new unknown vulnerabilities affecting getsimple cms my smtp contact plugin are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
GetSimple CMS / My SMTP Contact Plugin
1.1.1
References
exploit-db.com: https://www.exploit-db.com/exploits/49774 exploit-db.com: https://www.exploit-db.com/exploits/49798 get-simple.info: http://get-simple.info github.com: https://github.com/GetSimpleCMS/GetSimpleCMS vulncheck.com: https://www.vulncheck.com/advisories/getsimple-cms-my-smtp-contact-plugin-csrf
Credits
Bobby Cooke (boku)