Vulnerabilites related to wpexperts - post_smtp
cve-2022-2351
Vulnerability from cvelistv5
Published
2022-09-16 08:40
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Post SMTP Mailer/Email Log |
Version: 2.1.4 < 2.1.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:32:09.569Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Post SMTP Mailer/Email Log", vendor: "Unknown", versions: [ { lessThan: "2.1.4", status: "affected", version: "2.1.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Raad Haddad of Cloudyrion GmbH", }, ], descriptions: [ { lang: "en", value: "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-Site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-16T08:40:27", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87", }, ], source: { discovery: "EXTERNAL", }, title: "Post SMTP < 2.1.4 - Admin+ Stored Cross-Site Scripting", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2022-2351", STATE: "PUBLIC", TITLE: "Post SMTP < 2.1.4 - Admin+ Stored Cross-Site Scripting", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Post SMTP Mailer/Email Log", version: { version_data: [ { version_affected: "<", version_name: "2.1.4", version_value: "2.1.4", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Raad Haddad of Cloudyrion GmbH", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-Site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87", refsource: "MISC", url: "https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2022-2351", datePublished: "2022-09-16T08:40:27", dateReserved: "2022-07-08T00:00:00", dateUpdated: "2024-08-03T00:32:09.569Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52436
Vulnerability from cvelistv5
Published
2024-11-18 14:30
Modified
2024-11-18 21:55
Severity ?
EPSS score ?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-52436", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-18T15:40:43.576010Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-18T21:55:54.261Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "post-smtp", product: "Post SMTP", vendor: "Post SMTP", versions: [ { lessThanOrEqual: "2.9.9", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Hakiduck (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.<p>This issue affects Post SMTP: from n/a through 2.9.9.</p>", }, ], value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9.", }, ], impacts: [ { capecId: "CAPEC-7", descriptions: [ { lang: "en", value: "CAPEC-7 Blind SQL Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-18T14:30:20.672Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-plugin-2-9-9-sql-injection-vulnerability?_s_id=cve", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Post SMTP plugin <= 2.9.9 - SQL Injection vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-52436", datePublished: "2024-11-18T14:30:20.672Z", dateReserved: "2024-11-11T06:39:38.393Z", dateUpdated: "2024-11-18T21:55:54.261Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3178
Vulnerability from cvelistv5
Published
2024-01-16 15:55
Modified
2024-08-02 06:48
Severity ?
EPSS score ?
Summary
The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/ | exploit, vdb-entry, technical-description |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | POST SMTP Mailer |
Version: 2.5.0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:48:07.773Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", "x_transferred", ], url: "https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", product: "POST SMTP Mailer", vendor: "Unknown", versions: [ { lessThan: "2.5.7", status: "affected", version: "2.5.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Erwan LR (WPScan)", }, { lang: "en", type: "coordinator", value: "WPScan", }, ], descriptions: [ { lang: "en", value: "The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-16T15:55:29.719Z", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", ], url: "https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/", }, ], source: { discovery: "EXTERNAL", }, title: "POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF", x_generator: { engine: "WPScan CVE Generator", }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2023-3178", datePublished: "2024-01-16T15:55:29.719Z", dateReserved: "2023-06-09T08:24:52.036Z", dateUpdated: "2024-08-02T06:48:07.773Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-13844
Vulnerability from cvelistv5
Published
2025-03-08 05:30
Modified
2025-03-08 05:30
Severity ?
EPSS score ?
Summary
The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up to, and including, 3.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| saadiqbal | Post SMTP – WP SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more |
Version: * ≤ 3.1.2 |
{ containers: { cna: { affected: [ { defaultStatus: "unaffected", product: "Post SMTP – WP SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more", vendor: "saadiqbal", versions: [ { lessThanOrEqual: "3.1.2", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Nhien Pham", }, ], descriptions: [ { lang: "en", value: "The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up to, and including, 3.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-08T05:30:08.283Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/0540f70d-009a-4776-8717-f096e30a11d3?source=cve", }, { url: "https://gist.github.com/nhienit2010/d4692062f54b89e16aa068a0ef142cf6#file-postmanemailquerylog-php-L314", }, { url: "https://wordpress.org/plugins/post-smtp/#developers", }, { url: "https://plugins.trac.wordpress.org/changeset/3249371/", }, ], timeline: [ { lang: "en", time: "2025-03-07T16:21:23.000+00:00", value: "Disclosed", }, ], title: "Post SMTP <= 3.1.2 - Authenticated (Administrator+) SQL Injection via columns Parameter", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-13844", datePublished: "2025-03-08T05:30:08.283Z", dateReserved: "2025-02-06T20:11:02.474Z", dateUpdated: "2025-03-08T05:30:08.283Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-0521
Vulnerability from cvelistv5
Published
2025-02-18 11:10
Modified
2025-02-18 14:26
Severity ?
EPSS score ?
Summary
The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| saadiqbal | Post SMTP – WordPress SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more |
Version: * ≤ 3.0.2 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-0521", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-18T14:26:02.492087Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-18T14:26:27.507Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Post SMTP – WordPress SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more", vendor: "saadiqbal", versions: [ { lessThanOrEqual: "3.0.2", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "D.Sim", }, ], descriptions: [ { lang: "en", value: "The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-18T11:10:18.504Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/366dfbf1-870c-4ce3-abc4-a2b2f4e72175?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3237626%40post-smtp%2Ftrunk&old=3229076%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", }, ], timeline: [ { lang: "en", time: "2025-02-17T22:24:21.000+00:00", value: "Disclosed", }, ], title: "Post SMTP <= 3.0.2 - Unauthenticated Stored Cross-Site Scripting", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2025-0521", datePublished: "2025-02-18T11:10:18.504Z", dateReserved: "2025-01-16T17:53:46.524Z", dateUpdated: "2025-02-18T14:26:27.507Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2352
Vulnerability from cvelistv5
Published
2022-09-26 12:35
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Post SMTP Mailer/Email Log |
Version: 2.1.7 < 2.1.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:32:09.763Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Post SMTP Mailer/Email Log", vendor: "Unknown", versions: [ { lessThan: "2.1.7", status: "affected", version: "2.1.7", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Raad Haddad of Cloudyrion GmbH", }, ], descriptions: [ { lang: "en", value: "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-26T12:35:32", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", }, ], source: { discovery: "EXTERNAL", }, title: "Post SMTP < 2.1.7 - Admin+ Blind SSRF", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2022-2352", STATE: "PUBLIC", TITLE: "Post SMTP < 2.1.7 - Admin+ Blind SSRF", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Post SMTP Mailer/Email Log", version: { version_data: [ { version_affected: "<", version_name: "2.1.7", version_value: "2.1.7", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Raad Haddad of Cloudyrion GmbH", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-918 Server-Side Request Forgery (SSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", refsource: "MISC", url: "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2022-2352", datePublished: "2022-09-26T12:35:32", dateReserved: "2022-07-08T00:00:00", dateUpdated: "2024-08-03T00:32:09.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6629
Vulnerability from cvelistv5
Published
2024-01-03 04:29
Modified
2024-08-02 08:35
Severity ?
EPSS score ?
Summary
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘msg’ parameter in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpexpertsio | POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications |
Version: * ≤ 2.8.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:35:14.828Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7681f984-d488-4da7-afe1-988e5ad012f2?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Wizard/NewWizard.php#L396", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012318%40post-smtp%2Ftrunk&old=3006604%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=#file4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications", vendor: "wpexpertsio", versions: [ { lessThanOrEqual: "2.8.6", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Matan Berson", }, ], descriptions: [ { lang: "en", value: "The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘msg’ parameter in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-03T04:29:33.793Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7681f984-d488-4da7-afe1-988e5ad012f2?source=cve", }, { url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Wizard/NewWizard.php#L396", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012318%40post-smtp%2Ftrunk&old=3006604%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=#file4", }, ], timeline: [ { lang: "en", time: "2024-01-02T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2023-6629", datePublished: "2024-01-03T04:29:33.793Z", dateReserved: "2023-12-08T16:05:50.184Z", dateUpdated: "2024-08-02T08:35:14.828Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-7027
Vulnerability from cvelistv5
Published
2024-01-03 04:29
Modified
2025-02-13 17:27
Severity ?
EPSS score ?
Summary
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpexpertsio | POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications |
Version: * ≤ 2.8.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:50:08.195Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e8911a3-ce0f-420c-bf2a-1c2929d01cef?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php#L79", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/mobile.php#L219", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3016126%40post-smtp%2Ftrunk&old=3012318%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/176525/WordPress-POST-SMTP-Mailer-2.8.7-Authorization-Bypass-Cross-Site-Scripting.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-7027", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-14T18:41:09.897882Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-14T18:41:25.143Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications", vendor: "wpexpertsio", versions: [ { lessThanOrEqual: "2.8.7", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Sean Murphy", }, ], descriptions: [ { lang: "en", value: "The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-11T22:06:30.294Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e8911a3-ce0f-420c-bf2a-1c2929d01cef?source=cve", }, { url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php#L79", }, { url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/mobile.php#L219", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3016126%40post-smtp%2Ftrunk&old=3012318%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", }, { url: "http://packetstormsecurity.com/files/176525/WordPress-POST-SMTP-Mailer-2.8.7-Authorization-Bypass-Cross-Site-Scripting.html", }, ], timeline: [ { lang: "en", time: "2024-01-02T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2023-7027", datePublished: "2024-01-03T04:29:34.469Z", dateReserved: "2023-12-20T18:53:20.908Z", dateUpdated: "2025-02-13T17:27:02.309Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6621
Vulnerability from cvelistv5
Published
2024-01-03 08:32
Modified
2024-08-02 08:35
Severity ?
EPSS score ?
Summary
The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928 | exploit, vdb-entry, technical-description |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:35:14.834Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", "x_transferred", ], url: "https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", product: "POST SMTP", vendor: "Unknown", versions: [ { lessThan: "2.8.7", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Alex Sanford", }, { lang: "en", type: "coordinator", value: "WPScan", }, ], descriptions: [ { lang: "en", value: "The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Cross-Site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-15T15:10:42.696Z", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", ], url: "https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928", }, ], source: { discovery: "EXTERNAL", }, title: "Post SMTP < 2.8.7 - Reflected Cross-Site Scripting", x_generator: { engine: "WPScan CVE Generator", }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2023-6621", datePublished: "2024-01-03T08:32:42.957Z", dateReserved: "2023-12-08T10:31:08.620Z", dateUpdated: "2024-08-02T08:35:14.834Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-29128
Vulnerability from cvelistv5
Published
2024-03-19 14:04
Modified
2024-08-02 01:03
Severity ?
EPSS score ?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP allows Reflected XSS.This issue affects POST SMTP: from n/a through 2.8.6.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-29128", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-03-19T15:11:36.934276Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:57:21.885Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T01:03:51.785Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-mailer-plugin-2-8-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "post-smtp", product: "POST SMTP", vendor: "Post SMTP", versions: [ { changes: [ { at: "2.8.7", status: "unaffected", }, ], lessThanOrEqual: "2.8.6", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Le Ngoc Anh (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP allows Reflected XSS.<p>This issue affects POST SMTP: from n/a through 2.8.6.</p>", }, ], value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP allows Reflected XSS.This issue affects POST SMTP: from n/a through 2.8.6.\n\n", }, ], impacts: [ { capecId: "CAPEC-591", descriptions: [ { lang: "en", value: "CAPEC-591 Reflected XSS", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-19T14:04:00.356Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-mailer-plugin-2-8-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 2.8.7 or a higher version.", }, ], value: "Update to 2.8.7 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress POST SMTP Mailer plugin <= 2.8.6 - Reflected Cross Site Scripting (XSS) vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-29128", datePublished: "2024-03-19T14:04:00.356Z", dateReserved: "2024-03-16T01:24:15.389Z", dateUpdated: "2024-08-02T01:03:51.785Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2025-02-18 11:15
Modified
2025-02-21 12:16
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "6CFC5EE8-9980-4893-A6AB-882EBC8509D1", versionEndExcluding: "3.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento Post SMTP para WordPress es vulnerable a Cross-Site Scripting Almacenado a través del parámetro from y subject en todas las versiones hasta 3.0.2 incluida, debido a una depuración de entrada insuficiente y al escape de salida. Esto hace posible que los atacantes no autenticados inyecten una web arbitraria scripts en páginas que se ejecutarán siempre que un usuario acceda a una página inyectada. ", }, ], id: "CVE-2025-0521", lastModified: "2025-02-21T12:16:09.897", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-02-18T11:15:12.740", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3237626%40post-smtp%2Ftrunk&old=3229076%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/366dfbf1-870c-4ce3-abc4-a2b2f4e72175?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@wordfence.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-03 05:15
Modified
2024-11-21 08:44
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘msg’ parameter in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "00068F78-E905-4A92-8286-F98BDBD96103", versionEndExcluding: "2.8.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘msg’ parameter in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", }, { lang: "es", value: "POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress es vulnerable a cross site scripting reflejado a través del parámetro 'msg' en todas las versiones hasta la 2.8.6 inclusive debido a una sanitización de entrada y escape insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en páginas que se ejecutan si logran engañar a un usuario para que realice una acción como hacer clic en un enlace.", }, ], id: "CVE-2023-6629", lastModified: "2024-11-21T08:44:14.883", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-03T05:15:11.463", references: [ { source: "security@wordfence.com", tags: [ "Issue Tracking", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Wizard/NewWizard.php#L396", }, { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012318%40post-smtp%2Ftrunk&old=3006604%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=#file4", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7681f984-d488-4da7-afe1-988e5ad012f2?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Wizard/NewWizard.php#L396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012318%40post-smtp%2Ftrunk&old=3006604%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=#file4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7681f984-d488-4da7-afe1-988e5ad012f2?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-03 05:15
Modified
2024-11-21 08:45
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "8FC298A8-B6BF-4785-A80A-0AEDFE0FD58C", versionEndExcluding: "2.8.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress es vulnerable a cross site scripting almacenado a través del encabezado 'device' en todas las versiones hasta la 2.8.7 inclusive debido a una sanitización de entrada y escape insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2023-7027", lastModified: "2024-11-21T08:45:04.383", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-03T05:15:11.700", references: [ { source: "security@wordfence.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176525/WordPress-POST-SMTP-Mailer-2.8.7-Authorization-Bypass-Cross-Site-Scripting.html", }, { source: "security@wordfence.com", tags: [ "Exploit", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php#L79", }, { source: "security@wordfence.com", tags: [ "Exploit", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/mobile.php#L219", }, { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3016126%40post-smtp%2Ftrunk&old=3012318%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e8911a3-ce0f-420c-bf2a-1c2929d01cef?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176525/WordPress-POST-SMTP-Mailer-2.8.7-Authorization-Bypass-Cross-Site-Scripting.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php#L79", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/mobile.php#L219", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3016126%40post-smtp%2Ftrunk&old=3012318%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e8911a3-ce0f-420c-bf2a-1c2929d01cef?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-26 13:15
Modified
2024-11-21 07:00
Severity ?
Summary
The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c | Exploit, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "3CFFBF6B-AF8B-4134-8621-7A27E655F6F8", versionEndExcluding: "2.1.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.", }, { lang: "es", value: "El plugin Post SMTP Mailer/Email Log de WordPress versiones anteriores a 2.1.7, no presenta la autorización adecuada en algunas acciones AJAX, lo que podría permitir a usuarios con altos privilegios, como los administradores, llevar a cabo SSRF ciegos en instalaciones multisitio, por ejemplo.\n", }, ], id: "CVE-2022-2352", lastModified: "2024-11-21T07:00:49.493", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-26T13:15:10.320", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-19 14:15
Modified
2025-02-27 03:36
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP allows Reflected XSS.This issue affects POST SMTP: from n/a through 2.8.6.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "00068F78-E905-4A92-8286-F98BDBD96103", versionEndExcluding: "2.8.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP allows Reflected XSS.This issue affects POST SMTP: from n/a through 2.8.6.\n\n", }, { lang: "es", value: "Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('cross-site Scripting') en Post SMTP POST SMTP permite XSS reflejado. Este problema afecta a POST SMTP: desde n/a hasta 2.8.6.", }, ], id: "CVE-2024-29128", lastModified: "2025-02-27T03:36:25.857", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-19T14:15:08.010", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-mailer-plugin-2-8-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-mailer-plugin-2-8-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-16 16:15
Modified
2024-11-21 08:16
Severity ?
Summary
The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/ | Exploit, Product, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/ | Exploit, Product, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "AACA58B5-42D5-4C1F-8B91-80569638003E", versionEndExcluding: "2.5.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.", }, { lang: "es", value: "El complemento POST SMTP Mailer de WordPress anterior a 2.5.7 no tiene comprobaciones CSRF adecuadas en algunas acciones AJAX, lo que podría permitir a los atacantes hacer que los usuarios registrados con la capacidad de Manage_postman_smtp eliminen registros arbitrarios mediante un ataque CSRF.", }, ], id: "CVE-2023-3178", lastModified: "2024-11-21T08:16:38.017", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-16T16:15:11.243", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Product", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Product", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-18 15:15
Modified
2024-11-20 15:24
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "A648AEA8-3292-429F-A4EC-888967D4BF7A", versionEndIncluding: "2.9.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9.", }, { lang: "es", value: "La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en Post SMTP permite la inyección SQL ciega. Este problema afecta a Post SMTP: desde n/a hasta 2.9.9.", }, ], id: "CVE-2024-52436", lastModified: "2024-11-20T15:24:35.470", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 4.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-18T15:15:08.773", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-plugin-2-9-9-sql-injection-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-03-08 06:15
Modified
2025-03-13 13:10
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up to, and including, 3.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "253ECEA5-B9FA-46CB-ACCA-E981224AE63A", versionEndExcluding: "3.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up to, and including, 3.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.", }, { lang: "es", value: "El complemento Post SMTP para WordPress es vulnerable a la inyección SQL genérica a través del parámetro \"columns\" en todas las versiones hasta la 3.1.2 incluida, debido a un escape insuficiente en el parámetro proporcionado por el usuario y a la falta de preparación suficiente en la consulta SQL existente. Esto permite que los atacantes autenticados, con acceso de nivel de administrador o superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer información confidencial de la base de datos.", }, ], id: "CVE-2024-13844", lastModified: "2025-03-13T13:10:31.303", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-03-08T06:15:36.760", references: [ { source: "security@wordfence.com", tags: [ "Product", ], url: "https://gist.github.com/nhienit2010/d4692062f54b89e16aa068a0ef142cf6#file-postmanemailquerylog-php-L314", }, { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3249371/", }, { source: "security@wordfence.com", tags: [ "Product", "Release Notes", ], url: "https://wordpress.org/plugins/post-smtp/#developers", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/0540f70d-009a-4776-8717-f096e30a11d3?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "security@wordfence.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-16 09:15
Modified
2024-11-21 07:00
Severity ?
Summary
The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "DC1A36B6-3352-4DB3-92BC-627CD1989973", versionEndExcluding: "2.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed.", }, { lang: "es", value: "El plugin Post SMTP Mailer/Email Log de WordPress versiones anteriores a 2.1.4, no escapa de algunas de sus configuraciones antes de mostrarlas en el panel de control de los administradores, lo que permite a usuarios con altos privilegios llevar a cabo ataques de tipo Cross-Site Scripting contra otros usuarios, incluso cuando la capacidad unfiltered_html no está permitida", }, ], id: "CVE-2022-2351", lastModified: "2024-11-21T07:00:49.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-16T09:15:10.357", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/f3fda033-58f5-446d-ade4-2336a39bfb87", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-03 09:15
Modified
2024-11-21 08:44
Severity ?
Summary
The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "00068F78-E905-4A92-8286-F98BDBD96103", versionEndExcluding: "2.8.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.", }, { lang: "es", value: "POST SMTP WordPress plugin anterior a 2.8.7 no sanitiza ni escapa el parámetro msg antes de devolverlo a la página, lo que genera cross site scripting reflejado que podría usarse contra usuarios con privilegios elevados, como el administrador.", }, ], id: "CVE-2023-6621", lastModified: "2024-11-21T08:44:13.220", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-03T09:15:11.440", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }