Log out
Get PRO

Latest

Input validation vulnerability in Post SMTP – WP SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more 3.1.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 7, 2025

The Post SMTP plugin for WordPress has a security issue where it is vulnerable to a type of hacking called SQL Injection. This means that attackers who are logged in as Administrators or higher can add their own malicious code to the plugin, which could allow them to access private information from the website’s database. This issue affects all versions up to 3.1.2 of the plugin.

Detected in:

Post SMTP – WP SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.