CVE-2025-9762

CVE-2025-9762 affects the WordPress plugin Post By Email (versions ≤ 1.0.4b). The vulnerability arises from missing file type validation in save_attachments, allowing unauthenticated arbitrary file uploads to the server, with potential for remote code execution. Wordfence’s vulnerability report q...

WordPress Post By Email plugin <= 1.0.4b - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Post By Email versions = 1.0.4b...