Post Smtp Security Vulnerabilities and Issues — Post Smtp CVE List

Lucene search

WpexpertsPost Smtp

3 matches found

CVE•added 2023/07/12 5:15 a.m.•84 views

CVE-2023-3082

The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that w...

7.2CVSS5.9AI score0.00492EPSS

CVE•added 2023/07/12 7:15 a.m.•68 views

CVE-2021-4422

The POST SMTP Mailer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.20. This is due to missing or incorrect nonce validation on the handleCsvExport() function. This makes it possible for unauthenticated attackers to trigger a CSV export via a ...

4.3CVSS4.5AI score0.00201EPSS

CVE•added 2023/07/17 2:15 p.m.•46 views

CVE-2023-3179

The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability resend an email to an arbitrary address (for example a password reset email could be resent to an att...

8.8CVSS8.7AI score0.00096EPSS