Post Smtp Security Vulnerabilities and Issues — Post Smtp CVE List

Lucene search

WpexpertsPost Smtp

3 matches found

CVE•added 2025/02/18 11:15 a.m.•54 views

CVE-2025-0521

The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scr...

7.2CVSS6.1AI score0.00173EPSS

CVE•added 2025/03/08 6:15 a.m.•40 views

CVE-2024-13844

The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up to, and including, 3.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for auth...

4.9CVSS5.2AI score0.00076EPSS

CVE•added 2025/01/13 2:15 p.m.•23 views

CVE-2025-22800

Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through 2.9.11.

8.8CVSS4.7AI score0.0008EPSS