30 matches found
CVE-2026-7621
The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...
CVE-2026-7621
The SMTP2GO for WordPress – Email Made Easy plugin (WordPress) is vulnerable in all versions up to 1.16.0 due to improper authorization checks. Authenticated users with subscriber-level access or higher can truncate SMTP log records or export sensitive log data (recipient/sender addresses, subjec...
CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate
The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...
CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate
The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...
CVE-2026-7621
The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...
WordPress SMTP2GO for WordPress – Email Made Easy plugin <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate vulnerability
Missing Authorization to Authenticated Subscriber+ Log Read/Truncate vulnerability discovered by darkmode in WordPress Plugin SMTP2GO versions = 1.16.0...
EUVD-2025-21679
Malicious code in bioql PyPI...
EUVD-2023-32166
Malicious code in bioql PyPI...
CVE-2025-54011
Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through = 1.12.1...
WordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin SMTP2GO versions = 1.12.1...
CVE-2025-54011
Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through = 1.12.1...
CVE-2025-54011
CVE-2025-54011 affects the WordPress SMTP2GO plugin up to and including 1.12.1. Root cause is missing authorization enabling broken access control. Reported risk score: CVSS 3.1 base 4.3 (Medium) with network access and low privileges required. Connected sources indicate a patched state; remediat...
CVE-2025-54011 WordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through = 1.12.1...
CVE-2025-54011 WordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through = 1.12.1...
WordPress plugin SMTP2GO 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-29745 · Smtp2Go · Smtp2Go
Name of the Vulnerable Software and Affected Versions: SMTP2GO versions n/a through 1.12.1 Description: The SMTP2GO software contains a missing authorization flaw that allows exploiting incorrectly configured access control security levels. Recommendations: At the moment, there is no information...
CVE-2023-28496
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SMTP2GO – Email Made Easy plugin = 1.4.2 versions...
MAL-2024-11156 Malicious code in smtp2go (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ee3777f995fe5a08e581e345e2f1b39a3c0a271203e9f97f6105bc1dafc3053 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in smtp2go (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ee3777f995fe5a08e581e345e2f1b39a3c0a271203e9f97f6105bc1dafc3053 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-28496
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SMTP2GO – Email Made Easy plugin = 1.4.2 versions...