cleantalk
Vulnerabilities and Security Researches

ZeptoMail, CVE-2025-67972

CVE, Research URL

CVE-2025-67972

Home page URL

Security reports for ZeptoMail

Application

ZeptoMail

Published on
Feb 20, 2026
Research Description
Missing Authorization vulnerability in Zoho Mail Zoho ZeptoMail allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zoho ZeptoMail: from n/a through 3.2.9.
Affected versions
max 3.3.0.
Status
vulnerable
Previous vulnerability researches
KIA Subtitle (CVE-2026-7509) , May 23, 2026
New vulnerability
Email Marketing, Email Automation & Newsletter for WordPress & WooCommerce – Mail Mint (CVE-2026-27349) , May 24, 2026
Location Weather – Best Weather Forecast Widget Plugin for WordPress (CVE-2026-7249) , May 24, 2026
Hotel Booking Lite (CVE-2026-8684) , May 24, 2026
Alfie – Feed Plugin (CVE-2026-4070) , May 24, 2026
CBX 5 Star Rating & Review (CVE-2026-6864) , May 24, 2026