CVE-2021-47870

MEDIUM

GetSimple CMS My SMTP Contact Plugin 1.1.2 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47870. PoCs published by boku.

AI-analyzed exploit summary This exploit chains a CSRF vulnerability with a stored XSS vulnerability in the My SMTP Contact plugin for GetSimple CMS to achieve remote code execution. The XSS payload bypasses htmlspecialchars() using hex-escaped characters to inject a script that collects a CSRF token and uploads a webshell.

Description

GetSimple CMS My SMTP Contact Plugin 1.1.2 suffers from a Stored Cross-Site Scripting (XSS) vulnerability. The plugin attempts to sanitize user input using htmlspecialchars(), but this can be bypassed by passing dangerous characters as escaped hex bytes. This allows attackers to inject arbitrary client-side code that executes in the administrator's browser when visiting a malicious page.

Exploits (1)

exploitdb WORKING POC

by boku · pythonwebappsphp

https://www.exploit-db.com/exploits/49798

View Code ZIP pw:eip

This exploit chains a CSRF vulnerability with a stored XSS vulnerability in the My SMTP Contact plugin for GetSimple CMS to achieve remote code execution. The XSS payload bypasses htmlspecialchars() using hex-escaped characters to inject a script that collects a CSRF token and uploads a webshell.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: GetSimple CMS My SMTP Contact Plugin <= v1.1.2

No auth needed

Prerequisites: Victim must visit a malicious site controlled by the attacker · Target must have the vulnerable plugin installed · Admin session must be active

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →