CVE-2026-7621

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

WordPress SMTP2GO for WordPress – Email Made Easy plugin <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate vulnerability

Missing Authorization to Authenticated Subscriber+ Log Read/Truncate vulnerability discovered by darkmode in WordPress Plugin SMTP2GO versions = 1.16.0...

EUVD-2023-32166

Malicious code in bioql PyPI...

CVE-2025-54011 WordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through = 1.12.1...

CVE-2023-28496

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SMTP2GO – Email Made Easy plugin = 1.4.2 versions...

CVE-2023-28496

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SMTP2GO – Email Made Easy plugin = 1.4.2 versions...

CVE-2023-28496 WordPress SMTP2GO Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SMTP2GO – Email Made Easy plugin = 1.4.2 versions...