Vulnerabilities and Security Researches

Free WP Mail SMTP (Official – 2019), CVE-2025-28974

CVE, Research URL: CVE-2025-28974
Home page URL: Security reports for Free WP Mail SMTP (Official – 2019)
Application: Free WP Mail SMTP (Official – 2019)
Published on: Jun 06, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in mail250 Free WP Mail SMTP allows Stored XSS. This issue affects Free WP Mail SMTP: from n/a through 1.0.
Affected versions: Min -, max 1.0.
Status: vulnerable