CVSSv3: 9.8

CVE-2023-6875

Published: 11/01/2024 Updated: 18/01/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated malicious users to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover.

Vulnerability Trend

Vulnerable Product Search on Vulmon

wpexperts post smtp mailer

Vendor Advisories

Check Point Reference: CPAI-2023-1469 Date Published: 16 Jan 2024 Severity: High ...

Exploits

WordPress POST SMTP Mailer plugin versions 2.8.7 and below suffer from authorization bypass and cross-site scripting vulnerabilities ...

Github Repositories

Exploit for CVE-2023-6875 - Unauthorized Account Takeover.

CVE-2023-6875 Exploit for PostSMTP - Unauthorized Account Takeover. PoC is now published. It was created for educational/research purposes only! Use it at your own risk!

CVE-2023-6875 PoC

CVE-2023-6875 PoC. This is the original proof of concept given to Wordfence for my participation in its Holiday Bug Bonanza. An extra was given for this proof of concept code. Thank you to Wordfence for the opportunity! I had a lot of fun during the Bug Bonanza and hope that it happens again.