Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.5AI score0.0025EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 8:16 a.m.25 views

CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS0.0025EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/28 6:45 a.m.34 views

CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS0.0025EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/05/28 6:45 a.m.9 views

CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.8AI score0.0025EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44202

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.8AI score0.0025EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

WordPress plugin SMTP2GO for WordPress – Email Made Easy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

4.3CVSS5.9AI score0.0025EPSS
Exploits0References11
Veracode
Veracode
added 2024/03/13 7:31 a.m.11 views

SMTP Smuggling

aiosmtpd is vulnerable to inbound SMTP smuggling. The vulnerability is due to interpretation differences of the SMTP protocol, enabling attackers to send spoofed emails with fake sender addresses, facilitating advanced phishing attacks...

5.3CVSS6.7AI score0.00371EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/03/12 9:15 p.m.26 views

CVE-2024-27305

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

5.3CVSS5AI score0.00371EPSS
Exploits0References3
Prion
Prion
added 2024/03/12 9:15 p.m.16 views

Design/Logic Flaw

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

5CVSS6.9AI score0.00371EPSS
Exploits0References3
Veracode
Veracode
added 2023/07/17 2:29 a.m.20 views

Improper Header Validation

libopendkim.so is vulnerable to Improper Header Validation. The vulnerability exists due to the default setting used for the KeepAuthResults parameter in opendkim.c, which fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, allowing an attacker to send...

5.3CVSS6.8AI score0.00575EPSS
Exploits0References3Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.3 views

SUSE CVE-2005-1127

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...

5CVSS6.9AI score0.02698EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/08/04 2:44 p.m.202 views

Phishing Campaign Dangles SharePoint File-Shares

Attackers are using spoofed sender addresses and Microsoft SharePoint lures in a new phishing campaign that is “sneakier than usual” and can slip through the usual security protections in its aim to fool people into giving up their credentials, Microsoft researchers discovered. Microsoft Security...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2011/06/29 4:3 p.m.7 views

Gmail Implements New Features to Help Curb Phishing

Google has implemented new security features into their popular Gmail Web-based email service that will help prevent Gmail users from becoming victims of phishing scams. The company introduced three new features late Tuesday that it claims will inform users of the origins of certain emails so the...

0.1AI score
Exploits0References5
Rows per page
Query Builder