5 matches found
CVE-2025-28974
Cross-Site Request Forgery CSRF vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through = 1.0...
CVE-2025-28974
Cross-Site Request Forgery CSRF vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through = 1.0...
CVE-2025-28974 WordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through = 1.0...
CVE-2025-28974
CVE-2025-28974 is a CSRF-to-Stored XSS vulnerability in the Free WP Mail SMTP (mail250) WordPress plugin. The issue affects Free WP Mail SMTP versions from n/a through 1.0, with a CVSSv3.1 base score of 7.1 (High). The connected documentation confirms the vulnerability class (CSRF leading to Stor...
WordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Free WP Mail SMTP versions = 1.0...