PT-2025-11223 · WordPress · Post Smtp

Denver Jackson · Published 2025-03-13 · Updated 2026-05-15

CVE-2025-24000 · CVSS v2.0 9.0 (High) · Vector AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the vulnerable software and affected versions: Post SMTP (WordPress plugin), versions prior to 3.3.0.

Description: The Post SMTP WordPress plugin contains a broken access control flaw in its REST API. The affected endpoints' permission check only verifies that the caller is logged in; it never checks whether the caller holds an authorization level appropriate for the data or action requested. Any authenticated user with low privileges, such as a Subscriber, can therefore read the plugin's email logs. Because those logs include outgoing password-reset messages, a low-privileged user can trigger a password reset for an administrator account, read the reset link from the log, and take over the account. The page attributes the flaw to the plugin's get-logs permission function. Over 400,000 WordPress sites are affected, with more than 200,000 still running a vulnerable version as of recent reports, and the vulnerability is being actively exploited.

Recommendations: Update to Post SMTP version 3.3.0 or later. Until the update is applied, treat the email log as sensitive data: audit it for password-reset messages requested for administrator accounts, and review recent administrator password changes and logins.
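The root cause described above is a REST route whose permission callback authenticates but does not authorize. The following is an added illustration of that pattern and its fix, written for this page; it is not Post SMTP's own code, and the namespace `example-smtp/v1`, the route names and the function names are hypothetical. Only the shape of the permission check mirrors the advisory.

```php
<?php
// Added illustrative example, not the plugin's own code. Route namespace,
// callback names and the sample log rows are hypothetical/constructed.

add_action( 'rest_api_init', function () {
    // VULNERABLE pattern: the permission callback only asks "is someone logged in?".
    // Every authenticated role, including Subscriber, passes this check and can
    // read the log, which may contain password-reset emails for administrators.
    register_rest_route( 'example-smtp/v1', '/logs', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_smtp_get_logs',
        'permission_callback' => 'is_user_logged_in',
    ) );

    // HARDENED pattern: authenticate AND authorize. Reading outgoing mail is an
    // administrative action, so the callback requires a capability that only
    // administrators hold (manage_options) and returns 401/403 otherwise.
    register_rest_route( 'example-smtp/v1', '/logs-secure', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_smtp_get_logs',
        'permission_callback' => 'example_smtp_logs_permission',
    ) );
} );

/**
 * Authorization check for the hardened route.
 * Returning a WP_Error makes the REST server reject the request with the given status.
 */
function example_smtp_logs_permission( WP_REST_Request $request ) {
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'rest_not_logged_in', 'Authentication required.', array( 'status' => 401 ) );
    }
    // The missing step in the vulnerable version: check a capability, not just a session.
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'rest_forbidden', 'You are not allowed to view email logs.', array( 'status' => 403 ) );
    }
    return true;
}

/**
 * Shared route handler. In a real plugin this would read the log table; here it
 * returns constructed rows to show what the Subscriber could see through the
 * unauthorized route: a password-reset message addressed to an administrator.
 */
function example_smtp_get_logs( WP_REST_Request $request ) {
    $logs = array(
        array(
            'id'      => 1,
            'to'      => 'admin@example.com',
            'subject' => '[Example Site] Password Reset',
            'body'    => 'Someone requested a password reset. Visit the link below to set a new password. ...',
        ),
    );
    return rest_ensure_response( $logs );
}
```

To confirm the fix on a test site, call both routes with an account that has only the Subscriber role (for example with an application password: `curl -u subscriber:APP-PASSWORD https://example.test/wp-json/example-smtp/v1/logs`). The vulnerable route returns the log rows; the hardened route returns an HTTP 403 with `rest_forbidden`. To check whether a live site is still exposed, compare the installed plugin version against 3.3.0, for instance with `wp plugin get post-smtp --field=version` (assuming the plugin's slug is `post-smtp`).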

Fix

Update to Post SMTP version 3.3.0 or later.

Weakness Enumeration

CWE-288: Authentication Bypass Using an Alternate Path or Channel

CWE-862: Missing Authorization

Related identifiers

BDU:2025-09371
CVE-2025-24000

Affected products

Post Smtp