Cybersecurity researchers Ulyses Saicha and Sean Murphy have discovered the authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations.

Buy Me A Coffee

This vulnerability makes it possible for unauthenticated threat actors to reset the API key used to authenticate to the mailer and view logs, including password reset emails on WordPress sites that use this plugin.

Read More: https://www.wordfence.com/blog/2024/01/type-juggling-leads-to-two-vulnerabilities-in-post-smtp-mailer-wordpress-plugin/

READ
DOJ Seizes ‘Bot Farm’ Operated by the Russian Government