PT-2024-12287 · WordPress · Post Smtp Mailer

Erwan Lr · Published 2024-01-16 · Updated 2024-01-22 · CVE-2023-3178

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions
POST SMTP Mailer WordPress plugin versions prior to 2.5.7

Description
Some AJAX actions in the plugin lack proper CSRF checks. An attacker could use a CSRF attack to make a logged-in user who holds the manage_postman_smtp capability delete arbitrary logs.

Recommendations
Update to version 2.5.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX actions that are vulnerable to CSRF attacks until the patch is applied.
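
The weakness class described above, shown as an added example that is not the plugin's code or its actual fix: a WordPress AJAX handler that checks only the capability, beside one that also verifies a nonce. The action name, nonce action, request field and the example_remove_log() helper are hypothetical; manage_postman_smtp is the capability named in the description, written as a WordPress capability identifier.

```php
<?php
// Added illustration, not the plugin's code. Hypothetical names: action
// 'example_delete_log', nonce action 'example_delete_log_nonce', field
// 'security', and example_remove_log() with its storage assumption.

// Weak pattern (never registered here): a forged cross-site request still
// passes the capability check because the browser attaches the admin's cookie.
function example_delete_log_weak() {
    if ( ! current_user_can( 'manage_postman_smtp' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    example_remove_log( absint( $_POST['log_id'] ?? 0 ) ); // no proof of intent
    wp_send_json_success();
}

// Hardened pattern: require a nonce bound to this user, session and action.
function example_delete_log_hardened() {
    // Third argument false: return the result instead of dying with -1.
    if ( ! check_ajax_referer( 'example_delete_log_nonce', 'security', false ) ) {
        wp_send_json_error( 'invalid nonce', 403 );
    }
    if ( ! current_user_can( 'manage_postman_smtp' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $log_id = absint( $_POST['log_id'] ?? 0 );
    if ( 0 === $log_id ) {
        wp_send_json_error( 'missing log_id', 400 );
    }
    example_remove_log( $log_id );
    wp_send_json_success();
}
// Only the hardened handler is hooked, and only for logged-in users
// (no wp_ajax_nopriv_ hook).
add_action( 'wp_ajax_example_delete_log', 'example_delete_log_hardened' );

// Give the admin page's script the nonce to send back in the 'security' field.
add_action( 'admin_enqueue_scripts', function () {
    wp_register_script( 'example-logs', false, array(), false, true );
    wp_enqueue_script( 'example-logs' );
    $data = array( 'nonce' => wp_create_nonce( 'example_delete_log_nonce' ) );
    wp_add_inline_script( 'example-logs', 'var exampleLogs = ' . wp_json_encode( $data ) . ';' );
} );

// Assumption for the demo: each log entry is stored as a post.
function example_remove_log( $log_id ) {
    return (bool) wp_delete_post( $log_id, true );
}
```

When reviewing a plugin for this weakness, check every wp_ajax_ callback that changes state for both a nonce verification and a capability check; either one alone is not sufficient.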

Exploit · Fix · CSRF

Related Identifiers: CVE-2023-3178
Affected Products: Post Smtp Mailer