Security Alert: WordPress plugin “POST SMTP Mailer” vulnerabilities

Date:
2024-01-12 15:03:00
Status:
Closed
Brief Description:
Two vulnerabilities in the WordPress plugin “POST SMTP Mailer” carry severe risk for site owners. The plugin should be updated to version 2.8.8 to be protected against administrator authorization bypass and cross-site scripting (XSS).
Current Status:
N/A
Services Affected:
Not Applicable
Full Description:
Two vulnerabilities in the WordPress plugin “POST SMTP Mailer” carry severe risk for site owners. The plugin should be updated to version 2.8.8 to be protected against administrator authorization bypass and cross-site scripting (XSS).

The two vulnerabilities in the WordPress plugin “POST SMTP Mailer” have been identified as CVE-2023-6875 (authentication bypass) and CVE-2023-7027 (cross-site scripting (XSS)). CVE-2023-6875 is a critical-severity vulnerability that can allow attackers to reset and take over a site admin's credentials and gain complete control of a vulnerable site. CVE-2023-7027 is a high-severity vulnerability that allows persistent cross-site scripting (XSS), which can enable several attacks such as malicious script injection, account impersonation, theft of sensitive data, and more. The plugin should be updated to version 2.8.8. All previous versions are vulnerable to both vulnerabilities.

CIT Custom Development "CD" has confirmed that the “POST SMTP Mailer” plugin is not in use on CampusPress and has completed a review of all other sites under their support service; those WordPress sites are not impacted.

All other administrators of WordPress sites should check their sites for this plugin and update it to version 2.8.8.
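One way to carry out that check from the command line, as an added example that is not part of the CIT advisory: it assumes WP-CLI is installed and that the plugin's WordPress.org slug is `post-smtp` (an assumption, not stated above), and it compares versions numerically so that a release such as 2.8.10 is not mistaken for one older than 2.8.8.

```shell
#!/bin/sh
# Added example (not from the CIT advisory): report installs of the
# POST SMTP Mailer plugin that are older than the fixed version 2.8.8.
# Assumptions: WP-CLI ("wp") is on PATH and the plugin slug is "post-smtp".
FIXED_VERSION="2.8.8"
PLUGIN_SLUG="post-smtp"

# version_lt A B: succeed (exit 0) when dot-separated version A is older
# than B. A plain string compare would rank "2.8.10" below "2.8.8".
version_lt() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai=${a%%.*}; bi=${b%%.*}
    ai=${ai%%[!0-9]*}; bi=${bi%%[!0-9]*}   # drop suffixes like "-beta"
    ai=${ai:-0}; bi=${bi:-0}               # missing component counts as 0
    if [ "$ai" -lt "$bi" ]; then return 0; fi
    if [ "$ai" -gt "$bi" ]; then return 1; fi
    case $a in *.*) a=${a#*.};; *) a="";; esac
    case $b in *.*) b=${b#*.};; *) b="";; esac
  done
  return 1   # equal versions are not "less than"
}

# check_plugin_csv: read the CSV that
#   wp plugin list --fields=name,version,status --format=csv
# produces on stdin and print one line: VULNERABLE, OK or NOT_INSTALLED.
check_plugin_csv() {
  found=""
  while IFS=, read -r name version status; do
    [ "$name" = "$PLUGIN_SLUG" ] || continue   # skips the header row too
    found=1
    if version_lt "$version" "$FIXED_VERSION"; then
      printf 'VULNERABLE %s %s (update to %s)\n' "$version" "$status" "$FIXED_VERSION"
    else
      printf 'OK %s %s\n' "$version" "$status"
    fi
  done
  [ -n "$found" ] || printf 'NOT_INSTALLED\n'
}

# scan_site WP_ROOT: live check of one WordPress install via WP-CLI.
scan_site() {
  wp --path="$1" plugin list --fields=name,version,status --format=csv 2>/dev/null | check_plugin_csv
}

# Constructed sample output (not captured from a real site) for stand-alone runs.
SAMPLE_CSV='name,version,status
akismet,5.3,active
post-smtp,2.8.7,active'

if [ "$#" -gt 0 ]; then
  for site in "$@"; do printf '%s: ' "$site"; scan_site "$site"; done
else
  printf '%s\n' "$SAMPLE_CSV" | check_plugin_csv
fi
```

Pass one or more WordPress root directories as arguments to check live installs; with no arguments the constructed sample is evaluated instead.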

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-6875
https://nvd.nist.gov/vuln/detail/CVE-2023-7027
https://www.wordfence.com/blog/2024/01/type-juggling-leads-to-two-vulnerabilities-in-post-smtp-mailer-wordpress-plugin/
https://www.bleepingcomputer.com/news/security/over-150k-wordpress-sites-at-takeover-risk-via-vulnerable-plugin/
CIT TDX ID: