On December 14th, 2023, during our Bug Bounty Program Holiday Bug Extravaganza, we received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability makes it possible for unauthenticated threat actors to reset the API key used to authenticate to the mailer and view …
Read More
The post Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin appeared first on Wordfence.
This article has been indexed from Blog – Wordfence