2 matches found
CVE-2025-3434 SMTP for Amazon SES – YaySMTP <= 1.8 - Unauthenticated Stored Cross-Site Scripting via Email Logs
The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email Logs in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress SMTP for Amazon SES – YaySMTP plugin <= 1.8 - Unauthenticated Stored Cross-Site Scripting via Email Logs vulnerability
Unauthenticated Stored Cross-Site Scripting via Email Logs vulnerability discovered by zer0gh0st in WordPress Plugin SMTP for Amazon SES versions = 1.8...