Post SMTP
Saad Iqbal
Developer
3.9.3
Latest version
300,000
Installations
No date
Last updated
Vulnerability history
0 present
27 patched
10 Mitigation rules
- Cross Site Scripting (XSS) vulnerability<= 3.6.22 days ago
- Unauthenticated Reflected Cross-Site Scripting vulnerability<= 3.0.001/05/2026
- Unauthenticated Stored Cross-Site Scripting via 'event_type' vulnerability<= 3.8.020/03/2026
- Missing Authorization to Authenticated (Subscriber+) Office 365 OAuth Configuration Overwrite vulnerability<= 3.8.019/03/2026
- Admin+ SQL Injection vulnerability< 2.8.705/02/2026
- Broken Access Control vulnerability<= 3.6.107/12/2025
- Missing Authorization to Authenticated (Subscriber+) OAuth Token Update vulnerability<= 3.6.103/12/2025
- Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure vulnerability<= 3.6.003/11/2025
- Missing Authorization to Authenticated (Subscriber+) Limited Plugin Option Update vulnerability<= 3.4.102/09/2025
- Account Takeover Vulnerability<= 3.2.021/07/2025
- Authenticated (Administrator+) SQL Injection via columns Parameter vulnerability<= 3.1.208/03/2025
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 3.0.217/02/2025
- Broken Access Control vulnerability<= 2.9.1107/01/2025
- SQL Injection vulnerability<= 2.9.915/11/2024
- Authenticated SQL Injection vulnerability<= 2.9.330/05/2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 2.8.616/03/2024
- Authorization Bypass via type connect-app API vulnerability<= 2.8.710/01/2024
- Broken Access Control on API vulnerability<= 2.8.605/01/2024
- Unauthenticated Stored Cross-Site Scripting via device vulnerability<= 2.8.703/01/2024
- Reflected Cross-Site Scripting via msg vulnerability<= 2.8.603/01/2024
- Authenticated (Administrator+) SQL Injection vulnerability< 2.6.104/10/2023
- Reflected Cross Site Scripting (XSS) vulnerability< 2.5.818/07/2023
- Unauthenticated Stored Cross-Site Scripting via Email vulnerability<= 2.5.712/07/2023
- Account Takeover via CSRF vulnerability< 2.5.704/07/2023
- Arbitrary Log Deletion via CSRF vulnerability< 2.5.704/07/2023
- Authenticated Blind Server-Side Request Forgery (SSRF) vulnerability<= 2.1.605/09/2022
- Cross-Site Request Forgery (CSRF) nonce validation vulnerability<= 2.0.2011/02/2021