CVE-2025-67563 WordPress Post SMTP plugin <= 3.6.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through = 3.6.1...

CVE-2025-24000 WordPress Post SMTP plugin <= 3.2.0 - Account Takeover Vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass.This issue affects Post SMTP: from n/a through = 3.2.0...

CVE-2025-22800 WordPress Post SMTP plugin <= 2.9.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through = 2.9.11...

WordPress Post SMTP plugin <= 2.9.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Post SMTP versions = 2.9.9...

WordPress Post SMTP Plugin <= 2.9.9 is vulnerable to SQL Injection

Software Post SMTP Type Plugin Vulnerable versions = 2.9.9 Fixed in 2.9.10 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-52436 Patch priority Low CVSS severity Low 7.6 Developer WPExperts PSID d90cd284edab Credits Hakiduck Required privilege Administrator Published 15...

WordPress Post SMTP Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

Software Post SMTP Type Plugin Vulnerable versions = 2.8.6 Fixed in 2.8.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29128 Patch priority Medium CVSS severity Medium 7.1 Developer WPExperts PSID d4415453cdb3 Credits Le Ngoc Anh Required privilege Unauthenticat...

WordPress Post SMTP Plugin <= 2.8.7 is vulnerable to Broken Authentication

Software Post SMTP Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2023-6875 Patch priority High CVSS severity High 9.8 Developer WPExperts PSID abf9b2b72d3f Credits Ulyses Saicha Required privilege Unauthenticat...

WordPress Post SMTP Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

Software Post SMTP Type Plugin Vulnerable versions = 2.8.6 Fixed in 2.8.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6629 Patch priority Medium CVSS severity Medium 7.1 Developer WPExperts PSID 5ffadd1b9885 Credits Matan Berson matanber Required...

WordPress Post SMTP Plugin <= 2.8.7 is vulnerable to Cross Site Scripting (XSS)

Software Post SMTP Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7027 Patch priority Medium CVSS severity Medium 7.1 Developer WPExperts PSID 7142ca21bf69 Credits Sean Murphy Required privilege...

WordPress Post SMTP Plugin < 2.6.1 is vulnerable to SQL Injection

Software Post SMTP Type Plugin Vulnerable versions 2.6.1 Fixed in 2.6.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE N/A Patch priority Low CVSS severity Low 7.6 Developer WPExperts PSID e6de9c2537c3 Credits WordFence Required privilege Administrator Published 4 October, 2023...

WordPress Post SMTP Plugin < 2.5.8 is vulnerable to Cross Site Scripting (XSS)

Software Post SMTP Type Plugin Vulnerable versions 2.5.8 Fixed in 2.5.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WPExperts PSID d7157e1c149c Credits Rafie Muhammad Patchstack Required privilege...

WordPress Post SMTP Plugin <= 2.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Post SMTP Type Plugin Vulnerable versions = 2.5.7 Fixed in 2.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3082 Patch priority Low CVSS severity Low 7.1 Developer WPExperts PSID c8d98d03e5dd Credits Alex Thomas Required privilege...

WordPress Post SMTP Plugin < 2.5.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Post SMTP Type Plugin Vulnerable versions 2.5.7 Fixed in 2.5.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3178 Patch priority Low CVSS severity Low 5.4 Developer WPExperts PSID 120e0e7d693e Credits Erwan LR WPScan Required privilege...