
Vulnerabilities

Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

The critical vulnerability allows attackers to read arbitrary emails, including password reset messages. The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.

WordPress vulnerability exploited

Hundreds of thousands of websites may be exposed to account takeover attacks due to a critical-severity vulnerability in Post SMTP, a WordPress email delivery plugin, Defiant warns.

A WordPress plugin with more than 400,000 active installations, Post SMTP was designed to replace a website’s default PHP mail function with an SMTP one. It provides various features, including email logging capabilities.

Post SMTP versions up to 3.6.0 lack a capability check in a specific function, thus allowing unauthenticated attackers to read arbitrary logged emails sent using the plugin.

Because the attacker can read password reset emails sent via Post SMTP, they can take over any account on the website, including administrative accounts.
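The bug class described above is an authorization gap: a log-reading function that any visitor can reach because nothing checks who is calling it. The following is an added illustration written for this page, not Post SMTP's own code, and the route, table and function names (`example-mail/v1`, `example_mail_log`, `example_mail_log_*`) are hypothetical. It shows a WordPress REST route that exposes a mail log with no capability check, and the same route hardened with `current_user_can()` and with message bodies redacted so a logged password reset link is not returned even to a legitimate caller.

```php
<?php
// Added example for this article, not code from the Post SMTP plugin.
// All names below (route, table, functions) are hypothetical.

// VULNERABLE registration: permission_callback returns true, so an
// unauthenticated GET /wp-json/example-mail/v1/logs returns every stored
// email, including any password reset message that was logged.
function example_mail_log_register_vulnerable() {
    register_rest_route( 'example-mail/v1', '/logs', array(
        'methods'             => 'GET',
        'callback'            => 'example_mail_log_list',
        'permission_callback' => '__return_true',
    ) );
}

// HARDENED registration: the handler only runs for users holding a
// privileged capability. manage_options is held by administrators;
// pick the narrowest capability that fits the feature.
function example_mail_log_register_fixed() {
    register_rest_route( 'example-mail/v1', '/logs', array(
        'methods'             => 'GET',
        'callback'            => 'example_mail_log_list',
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
    ) );
}

// Shared handler: lists recent log rows from a hypothetical custom table.
// Even for authorized callers, the message body is redacted so that a
// reset key in a logged email is not handed back through the API.
function example_mail_log_list( WP_REST_Request $request ) {
    global $wpdb;
    $table = $wpdb->prefix . 'example_mail_log';
    $rows  = $wpdb->get_results(
        "SELECT id, to_email, subject, sent_at FROM {$table} ORDER BY sent_at DESC LIMIT 50",
        ARRAY_A
    );
    foreach ( $rows as &$row ) {
        $row['body'] = '[redacted]';
    }
    return rest_ensure_response( $rows );
}

// Register only the hardened variant.
add_action( 'rest_api_init', 'example_mail_log_register_fixed' );
```

When reviewing a plugin for this class of issue, look at every `register_rest_route()` call whose `permission_callback` is `__return_true` or missing, and every `wp_ajax_nopriv_*` hook, and ask whether the data it returns (email logs, exports, settings) should be reachable without a capability check. Defensively, treating the mail log as sensitive and not storing full bodies of transactional messages removes the reset-link exposure even if an access check is later regressed.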

“This can be used for complete site compromise by an attacker triggering a password reset for a site’s administrator user, and then obtaining the password reset email through the log data. Once an attacker has access to this key, they can reset the password for that user and log in to the account,” Defiant notes.

The vulnerability is tracked as CVE-2025-11833 (CVSS score of 9.8) and was resolved in Post SMTP version 3.6.1, on October 29.

According to Defiant, in-the-wild exploitation of the security defect started roughly three days after patches were released. The WordPress security firm has blocked over 4,500 attacks to date.

“We urge users to update their sites with the latest patched version of Post SMTP, version 3.6.1 at the time of this publication as soon as possible as active exploitation has already started and we expect the campaign to pick up soon,” Defiant notes.

Based on WordPress’s statistics, Post SMTP was downloaded less than 200,000 times over the past seven days, which suggests that roughly 200,000 websites are potentially exposed to takeover because of the bug.

The flaw was reported by a researcher named Netranger via the Wordfence Bug Bounty Program. The researcher was awarded a $7,800 bug bounty for the discovery.

Related: Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Related: Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations

Related: Hackers Inject Malware Into Gravity Forms WordPress Plugin

Related: Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover

