PT-2026-3044 · WordPress · Importexporttools Ng
Vulnerability Lab
·
Publicado
2026-01-15
·
Atualizado
2026-01-30
·
CVE-2021-47768
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ImportExportTools NG version 10.0.4
Description
ImportExportTools NG has a persistent HTML injection issue in the email export module. Remote attackers can inject malicious HTML payloads. Attackers can send emails with crafted HTML in the subject that executes during HTML export, potentially compromising user data or session credentials.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Importexporttools Ng