4 matches found
CVE-2025-48161
CVE-2025-48161 affects WordPress YaySMTP plugin: SQL Injection due to improper neutralization of special elements. Affected versions are n/a through 1.3; Wordfence lists it as patched (vulnerability entries show Patched) and PT-Security notes “Versions prior to 1.4 are affected,” implying fixes e...
PT-2025-29731 · Yaysmtp · Yaysmtp
Name of the Vulnerable Software and Affected Versions: YaySMTP versions n/a through 1.5 Description: YaySMTP contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. Recommendations: Versions prior to 1.6 are affected...
PT-2025-29725 · Yaysmtp · Yaysmtp
Name of the Vulnerable Software and Affected Versions: YaySMTP versions n/a through 1.3 Description: YaySMTP is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This issue could allow for unauthorized database access or modification...
CVE-2025-47587 WordPress YaySMTP plugin <= 2.6.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YaySMTP yaysmtp allows Blind SQL Injection.This issue affects YaySMTP: from n/a through = 2.6.4...