Friday, August 29, 2025

Post SMTP Plugin Flaw Risked 400K+ WordPress Websites


WordPress admins must update their websites to the latest Post SMTP plugin release, because the plugin exhibited a critical vulnerability. Specifically, the Post SMTP plugin flaw could enable an adversary to take over the target website's admin accounts. Considering the widespread use of this plugin on WordPress websites, this vulnerability posed a risk to over 400,000 websites.

Account Takeover Flaw Patched In Post SMTP WordPress Plugin

According to a recent post from Patchstack, a critical vulnerability existed in the WordPress plugin Post SMTP. Exploiting this vulnerability could let an adversary gain elevated privileges on the target website by taking over admin accounts.

As explained, the issue existed due to multiple Broken Access Control vulnerabilities in the plugin's REST API endpoints. Because of these vulnerabilities, the plugin only recognized that a user was logged in, without validating the user's privileges to perform an action. This potentially allowed a logged-in adversary with low privileges (including a Subscriber-level user) to gain elevated privileges and perform unauthorized actions.

This allowed any registered user (including Subscriber-level users, who should not have any privileges at all) to perform a variety of actions, including viewing email count statistics, resending emails, and, most dangerously, viewing detailed email logs including the entire email body.
The ability to access this detailed information allows a Subscriber-level user to intercept any email sent by the WordPress website, including password reset emails to any user.

Specifically, the issue existed in the get_logs_permission function, which only checked for a basic user permission, without the REST callbacks performing additional checks. Thus, any authenticated user could be granted access to any of these REST API endpoints. Consequently, such unrestricted access ultimately allowed the attacker to take over admin accounts and the website.
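To make the class of bug concrete, here is an added illustrative example; it is not Post SMTP's own code and not the exact code Patchstack analyzed. It registers a WordPress REST route with a permission_callback that only checks that a user is logged in (the weak pattern described above), beside a hardened callback that also requires the manage_options capability, which Subscriber-level users do not hold. The namespace, route and function names are assumptions made for the example.

```php
<?php
// Added example, not Post SMTP's own code. Route and function names are assumptions.

// Weak pattern: any authenticated user, Subscriber included, passes this check,
// so a low-privilege account can read whatever the route's callback returns.
function example_logs_permission_weak( WP_REST_Request $request ) {
    return is_user_logged_in();
}

// Hardened pattern: authentication alone is not enough; the caller must also
// hold a capability that only administrators have by default.
function example_logs_permission_hardened( WP_REST_Request $request ) {
    if ( ! is_user_logged_in() ) {
        return new WP_Error(
            'rest_not_logged_in',
            'Authentication required.',
            array( 'status' => 401 )
        );
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error(
            'rest_forbidden',
            'You do not have permission to read email logs.',
            array( 'status' => 403 )
        );
    }
    return true;
}

// Route callback. The body is a placeholder: a real plugin would read its log
// table here. Note that the callback itself does no access control; it relies
// entirely on permission_callback, which is why that check must be strict.
function example_get_logs( WP_REST_Request $request ) {
    return rest_ensure_response( array( 'logs' => array() ) );
}

add_action( 'rest_api_init', function () {
    register_rest_route(
        'example-mailer/v1',
        '/logs',
        array(
            'methods'             => WP_REST_Server::READABLE,
            'callback'            => 'example_get_logs',
            // Using the hardened callback; substituting the weak one
            // reproduces the "logged-in is enough" mistake described above.
            'permission_callback' => 'example_logs_permission_hardened',
        )
    );
} );
```

When a permission_callback returns a WP_Error, the REST server rejects the request with that error's status before the route callback runs, so the hardened version answers a Subscriber with 403 instead of the log contents. Reviewing every register_rest_route call in a plugin for a permission_callback that stops at is_user_logged_in (or returns true) is a quick way to spot this pattern during a code audit.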

Update Your Websites With The Latest Post SMTP Version

These vulnerabilities affected plugin versions 3.2.0 and below. Tracked as CVE-2025-24000, the flaws caught the attention of Denver Jackson, who reported the bug via the Patchstack Zero Day bug bounty program for WordPress. Following the bug report, the plugin developers patched the vulnerability in version 3.3.0, urging Post SMTP WordPress users to update to this or a later release.

Post SMTP is a popular WordPress plugin for email delivery, letting website admins set up SMTP mailer services. The plugin also supports various features to facilitate sending emails via WordPress, such as email logging, DNS validation, OAuth 2.0 support, and fallback mailing.

According to the plugin's WordPress listing, it currently boasts over 400,000 active installations, indicating the sheer number of WordPress users relying on the plugin. At the same time, this large number of installations also signifies the extent of the threat posed by any unpatched vulnerabilities in the plugin. Hence, all users must ensure that they update their sites to the latest plugin releases to receive all fixes.

Let us know your thoughts in the comments.
