Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admininit function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the...

WordPress Easy WP SMTP by SendLayer plugin <= 2.3.0 - Exposure of Sensitive Information via the UI vulnerability

Exposure of Sensitive Information via the UI vulnerability discovered by Finsand in WordPress Plugin Easy WP SMTP versions = 2.3.0...

EUVD-2017-16699

Malware in sbrugna...

EUVD-2022-48683

Malicious code in bioql PyPI...

EUVD-2022-42721

Malicious code in bioql PyPI...

EUVD-2022-48687

Malicious code in bioql PyPI...

EUVD-2024-31679

Malicious code in bioql PyPI...

EUVD-2022-45766

Malicious code in bioql PyPI...

CVE-2022-3334

The Easy WP SMTP WordPress plugin before 1.5.0 unserialises the content of an imported file, which could lead to PHP object injection issue when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog...

CVE-2019-25141

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admininit function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the...

Easy WP SMTP by SendLayer < 2.3.1 - Exposure of Sensitive Information via the UI

Description The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.3.0. This is due to plugin providing the SMTP password in the SMTP Password field when viewing the settings. This make...

CVE-2024-3073

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.3.0. This is due to plugin providing the SMTP password in the SMTP Password field when viewing the settings. This makes it possibl...

CVE-2024-3073 Easy WP SMTP by SendLayer <= 2.3.0 - Exposure of Sensitive Information via the UI

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.3.0. This is due to plugin providing the SMTP password in the SMTP Password field when viewing the settings. This makes it possibl...

CVE-2024-3073 Easy WP SMTP by SendLayer <= 2.3.0 - Exposure of Sensitive Information via the UI

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.3.0. This is due to plugin providing the SMTP password in the SMTP Password field when viewing the settings. This makes it possibl...

CVE-2024-3073

CVE-2024-3073 : Easy WP SMTP by SendLayer (WordPress plugin)

WordPress plugin Easy WP SMTP by SendLayer Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Easy WP SMTP by...

Easy WP SMTP Plugin for WordPress < 1.5.2 Multiple Vulnerabilities

The WordPress Easy WP SMTP Plugin installed on the remote host is affected by multiple vulnerabilities as follows: - A Path Traversal Vulnerability CVE-2022-45833. - A Remote Code Execution vulnerability in the auth component CVE-2022-42699. - A Path Traversal Vulnerability CVE-2022-45829. Note...

CVE-2019-25141

The CVE-2019-25141 entry concerns the Easy WP SMTP plugin for WordPress, affected up to version 1.3.9. The provable root cause is missing capability checks on admin_init() and insufficient input validation, enabling unauthenticated attackers to modify plugin settings and arbitrary options to inje...

CVE-2019-25141 Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admininit function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the...

CVE-2022-42699

Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin = 1.5.1 on WordPress...