VYPR

Fluentcrm

by Wpmanageninja

Source repositories

CVEs (3)

  • CVE-2024-30430MedMar 29, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44.

  • CVE-2026-7798MedMay 22, 2026
    risk 0.35cvss 5.4epss 0.01

    The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.9.87 via the 'SubscribeURL' parameter. This makes it…

  • CVE-2023-1430MedJun 9, 2023
    risk 0.35cvss 6.5epss 0.01

    The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.8.01 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated…