WordPress Zoho ZeptoMail plugin <= 3.2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Zoho ZeptoMail versions = 3.2.9...

CVE-2025-67972

Missing Authorization vulnerability in Zoho Mail Zoho ZeptoMail allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zoho ZeptoMail: from n/a through 3.2.9...

CVE-2025-49028

Cross-Site Request Forgery CSRF vulnerability in Zoho Mail Zoho ZeptoMail transmail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through = 3.3.1...

CVE-2025-49028

Cross-Site Request Forgery CSRF vulnerability in Zoho Mail Zoho ZeptoMail transmail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through = 3.3.1...

CVE-2025-49028

Technical details for CVE-2025-49028 are not provided in the supplied documents; no affected products, impact, or remediation specifics are available here. Monitor for updates.

CVE-2025-49028 WordPress Zoho ZeptoMail plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Zoho Mail Zoho ZeptoMail transmail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through = 3.3.1...

PT-2025-54297

Name of the Vulnerable Software and Affected Versions Zoho ZeptoMail versions n/a through 3.3.1 Description A Cross-Site Request Forgery CSRF issue exists in Zoho ZeptoMail, also allowing for Stored Cross-Site Scripting XSS. The issue impacts the way requests are handled, potentially allowing an...

WordPress plugin Zoho ZeptoMail 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site reques...