GCVE - cpe:2.3:a:wpmanageninja:fluentcrm:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpmanageninja:fluentcrm:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Wpmanageninja (`5cded9dc-417a-5fad-ad09-b49995903cbc`)
Product	Fluentcrm (`28ab6a65-c338-5c6d-97d7-ffeb6234a471`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/fluentcrm/fluent-crm`	purl2cpe	2026-06-01 10:11:51.953652

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-30430`	vulnerable	2026-06-08 06:35:30.341944	WordPress FluentCRM plugin <= 2.8.44 - Cross Site Scripting (XSS) vulnerability MEDIUM (5.9) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44. Published: 2024-03-29T13:33:24.089Z Updated: 2026-04-28T16:09:22.980Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/fluent-crm/wordpress-fluentcrm-plugin-2-8-44-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-1430`	vulnerable	2026-06-08 05:52:35.907274	FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control MEDIUM (6.5) The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.8.01 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated attackers to unsubscribe users from lists and manage subscriptions, granted they gain access to any targeted subscribers email address. Published: 2023-06-09T05:33:37.287Z Updated: 2026-04-08T17:28:18.137Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/de6da87e-8f7d-4120-8a1b-390ef7733d84?source=cve https://plugins.trac.wordpress.org/changeset/2899218/fluent-crm/tags/2.8.0/app/Hooks/Handlers/ExternalPages.php?old=2873074&old_path=fluent-crm%2Ftags%2F2.7.40%2Fapp%2FHooks%2FHandlers%2FExternalPages.php https://github.com/karlemilnikka/CVE-2023-1430 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2924787%40fluent-crm&new=2924787%40fluent-crm&sfp_email=&sfph_mail=	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.