MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2024-30430

CVSS 5.9v3.1pub. 2024-03-29upd. 2026-04-28

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
  • Wpmanageninja Fluentcrm

    APP
    Wpmanageninja
    < 2.8.45
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2023-1430MEDIUM6.5ten sam produkt

The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modific...

CVE-2025-2940HIGH7.2ten sam vendor

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery i...

CVE-2024-13568HIGH7.5ten sam vendor

The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive...

CVE-2024-47304HIGH8.5ten sam vendor

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjaha...

CVE-2023-51547HIGH7.6ten sam vendor

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPManage...