PRIOn knowledge basePRION:CVE-2023-6875

HistoryJan 11, 2024 - 9:15 a.m.

Design/Logic Flaw

2024-01-1109:15:00

PRIOn knowledge base

www.prio-n.com

wordpress

plugin vulnerability

type juggling issue

unauthorized access

data modification

api key reset

site takeover

6.9 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.3%

JSON

The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover.

CPENameOperatorVersion
post_smtp_mailerle2.8.7

CPE	Name	Operator	Version
	post_smtp_mailer	le	2.8.7

References

packetstormsecurity.com/files/176525/WordPress-POST-SMTP-Mailer-2.8.7-Authorization-Bypass-Cross-Site-Scripting.html

plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php

plugins.trac.wordpress.org/changeset/3016051/post-smtp/trunk?contextall=1&old=3012318&old_path=%2Fpost-smtp%2Ftrunk

www.wordfence.com/threat-intel/vulnerabilities/id/e675d64c-cbb8-4f24-9b6f-2597a97b49af?source=cve