CVE-2025-22800

High CVSS: 8.8

Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 2.9.11.

Vendor

Wpexperts

Product

Post Smtp

CWE

CWE-862

Yayın Tarihi

2025-01-13 14:15:13

Güncelleme

2026-04-01 16:23:02

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-862 Post Smtp HIGH Wpexperts 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/post-smtp/vulnerability/wordpress-post-smtp-plugin-2-9-11-broken-access-control-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2024-13844

The Post SMTP plugin for WordPress is vulnerable to generic SQL Injection via the ‘columns’ parameter in all versions up…

Medium

CVE-2024-13713

The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all vers…

High

CVE-2025-0521

The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in al…

Medium

CVE-2025-24680

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPExperts.io WP Multistor…

Medium

CVE-2024-12475

The WP Multi Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and…