Vulners
Lucene search
CVE-2022-2352
๐๏ธย 26 Sep 2022ย 12:35:32Reported byย WPScanTypeย 
ย cve๐ย web.nvd.nist.gov๐ฐ๏ธย 1ย Media mentions๐ย 66ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | CVE-2022-2352 | 26 Sep 202216:21 | โ | circl |
 | WordPress plugin Post SMTP Mailer/Email Log ไปฃ็ ้ฎ้ขๆผๆด | 26 Sep 202200:00 | โ | cnnvd |
 | WordPress Post SMTP Mailer/Email Log Server Request Forgery Vulnerability | 28 Sep 202200:00 | โ | cnvd |
 | CVE-2022-2352 Post SMTP < 2.1.7 - Admin+ Blind SSRF | 26 Sep 202212:35 | โ | cvelist |
 | EUVD-2022-34621 | 3 Oct 202520:07 | โ | euvd |
 | CVE-2022-2352 | 26 Sep 202213:15 | โ | nvd |
 | WordPress Post SMTP Mailer/Email Log Plugin < 2.1.7 SSRF Vulnerability | 4 Oct 202200:00 | โ | openvas |
 | WordPress Post SMTP Mailer/Email Log plugin <= 2.1.6 - Authenticated Blind Server-Side Request Forgery (SSRF) vulnerability | 5 Sep 202200:00 | โ | patchstack |
 | Server side request forgery (ssrf) | 26 Sep 202213:15 | โ | prion |
 | PT-2022-16047 ยท WordPress ยท Post Smtp Mailer/Email Log | 26 Sep 202200:00 | โ | ptsecurity |
10
[
{
"product": "Post SMTP Mailer/Email Log",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.1.7",
"status": "affected",
"version": "2.1.7",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| hostname | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| port | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| security | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| action | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| hostname | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| port | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
| security | request body | wp-admin/admin-ajax.php | Blind SSRF via unauthenticated AJAX actions in Post SMTP plugin allowing high-privilege users to test ports/hosts. | CWE-918 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 May 2025 20:15Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.17.2
EPSS0.01001
SSVC