To plugin page

Fixed

WordPress Easy WP SMTP plugin <= 1.3.9 - Unauthenticated arbitrary "wp_options" import vulnerability

CVSS 3.1 score Unknown severity

Monitoring Coming soon

Find out about vulnerable plugins in your websites for free.

Scan your website

Software

Easy WP SMTP

Type

Plugin

Vulnerable versions

<= 1.3.9

Fixed in

1.3.9.1

PSID

196c9079efbc

CVE ID

N/A

Classification

Bypass Vulnerability

OWASP Top 10

A2: Broken Authentication and Session Management

Required privilege

Credits

Jerome Bruandet

Publicly disclosed

2019-03-20

Details

Unauthenticated arbitrary "wp_options" import vulnerability found Jerome Bruandet in WordPress Easy WP SMTP plugin (versions <= 1.3.9).

Solution

Update the WordPress Easy WP SMTP plugin to the latest available version (at least 1.3.9.1).

References

Plugin changelog

Other known vulnerabilities for Easy WP SMTP

Unauthenticated Admin Password Reset

<= 1.4.2

Submit vulnerabilities and become a verified Alliance member

Learn more

WordPress Easy WP SMTP plugin <= 1.3.9 - Unauthenticated arbitrary "wp_options" import vulnerability

Details

Solution

References

Other known vulnerabilities for Easy WP SMTP

Submit vulnerabilities and become a verified Alliance member

All solutions

WordPress security

Patchstack

Social

All solutions

WordPress Security

Patchstack

Social

© 2022 Patchstack

WordPress Easy WP SMTP plugin <= 1.3.9 - Unauthenticated arbitrary "wp_options" import vulnerability

Details

Solution

References

Other known vulnerabilities for Easy WP SMTP

Submit vulnerabilities and become a verified Alliance member

All solutions

WordPress security

Patchstack

Social

All solutions

WordPress Security

Patchstack

Social

© 2022 Patchstack

Let us know if we have missed a vulnerability reported elsewhere

Thank you for contributing!