9 matches found
CVE-2023-6875
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7...
Wordpress POST SMTP Account Takeover
The POST SMTP WordPress plugin prior to 2.8.7 is affected by a privilege escalation where an unauthenticated user is able to reset the password of an arbitrary user. This is done by requesting a password reset, then viewing the latest email logs to find the associated password reset email. Module...
Exploit for Missing Authorization in Wpexperts Post_Smtp
CVE-2023-6875 Exploit for PostSMTP - Unauthorized Account...
Exploit for Missing Authorization in Wpexperts Post_Smtp
CVE-2023-6875 CVE-2023-6875 PoC This is the original proof...
CVE-2023-6875
creationtimestamp| type| source ---|---|--- 2024-01-12 12:01:05+00:00| published-proof-of-concept| https://t.me/truesecator/5286 2024-01-14 05:52:43+00:00| published-proof-of-concept| https://t.me/hackingbra/71 2024-01-14 09:26:15+00:00| published-proof-of-concept| https://t.me/LearnExploit/6019...
CVE-2023-6875
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7...
CVE-2023-6875
WordPress POST SMTP Mailer plugin (
WordPress POST SMTP Mailer 2.8.7 Authorization Bypass / Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress = 2.8.7 – Authorization Bypass via type connect-app API Affected Plugin: POST SMTP Mailer – Email log, Delivery Failure Notifications and Be...
WordPress Post SMTP Plugin <= 2.8.7 is vulnerable to Broken Authentication
Software Post SMTP Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2023-6875 Patch priority High CVSS severity High 9.8 Developer WPExperts PSID abf9b2b72d3f Credits Ulyses Saicha Required privilege Unauthenticat...