QwikSec

Security Database

CVE

CWE

Training

CVE-2021-47830

Published: Jan 21, 2026

Modified: Apr 7, 2026

PUBLISHED

Description

GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not directly enable remote code execution.

Vendor	Product	Versions
GetSimple CMS	My SMTP Contact Plugin	affected `1.1.1`

Weaknesses (CWE)

References

ExploitDB-49774

exploit

ExploitDB-49798

exploit

GetSimple CMS Webpage

product

GetSimple CMS GitHub Repository

product

VulnCheck Advisory: GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.