Cybersecurity researchers Ulyses Saicha and Sean Murphy have discovered the authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations.

This vulnerability makes it possible for unauthenticated threat actors to reset the API key used to authenticate to the mailer and view logs, including password reset emails on WordPress sites that use this plugin.

Buy Me a Coffee

Read More: https://www.wordfence.com/blog/2024/01/type-juggling-leads-to-two-vulnerabilities-in-post-smtp-mailer-wordpress-plugin/

READ
UK Cracks Down on Russian Money Laundering Networks Supporting Global Cybercrime