CVE-2025-6993
CVE-2025-6993 affects the Ultimate WP Mail plugin for WordPress (versions 1.0.17–1.3.6). The vulnerability arises from improper authorization in the get_email_log_details AJAX handler, which reads client-supplied post_id and returns the corresponding email log content (including the admin passwor...