Primary

Context

WPExperts Post SMTP Authentication Bypass Vulnerability

Vulnerability

Patched

A vulnerability allowing authentication bypass has been identified in the WPExperts Post SMTP plugin, affecting versions through 3.2.0. This issue allows attackers to bypass authentication mechanisms, potentially leading to unauthorized access or actions on behalf of higher-privileged users.

Impact

Exploitation of this vulnerability could allow attackers to gain unauthorized access and perform actions reserved for higher-privileged users, possibly leading to admin access on the website.

Remediation

Users of the WPExperts Post SMTP plugin should update to version 3.3.0 or later. Patchstack users can enable auto-updates for vulnerable plugins.

Added: Aug 7, 2025, 5:45 PM

Updated: Aug 7, 2025, 5:45 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

5.0

exploitability

5.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

5.0

exploitability

5.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WPExperts Post SMTP Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

WPExperts Post SMTP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating