cleantalk
Vulnerabilities and Security Researches

SMTP for SendGrid – YaySMTP, CVE-2025-48301

CVE, Research URL

CVE-2025-48301

Home page URL

Security reports for SMTP for SendGrid – YaySMTP

Application

SMTP for SendGrid – YaySMTP

Published on
Jul 16, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for SendGrid – YaySMTP allows SQL Injection. This issue affects SMTP for SendGrid – YaySMTP: from n/a through 1.5.
Affected versions
Min -, max 1.5.1.
Status
vulnerable
Previous vulnerability researches
BuddyForms Form Elements for WooCommerce (39d1f22f-ea34-4d94-9dc2-12661cf69d36) , Jun 07, 2024
New vulnerability
Block Editor Gallery Slider (CVE-2025-6726) , Jul 18, 2025
YayExtra – WooCommerce Extra Product Options (CVE-2025-48299) , Jul 18, 2025
Pay with Contact Form 7 (CVE-2025-52777) , Jul 18, 2025
WordPress-WPJobBoard (CVE-2025-49455) , Jul 18, 2025
Restaurant Menu and Food Ordering (CVE-2025-54038) , Jul 18, 2025