← Back

Fluentcrm

fluentcrm

Vendor: Wpmanageninja • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-30430
1Wpmanageninja
1Fluentcrm
Apr 28, 2026
Mar 29, 2024
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8....Show more
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44.Show less
CVE-2023-1430
1Wpmanageninja
1Fluentcrm
Apr 8, 2026
Jun 9, 2023
N/A· v4
3.7 LOW· v3
N/A· v2
The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.8.01 due to the use of an MD5 hash without a salt to control...Show more
The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.8.01 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated attackers to unsubscribe users from lists and manage subscriptions, granted they gain access to any targeted subscribers email address.Show less