cleantalk
Vulnerabilities and Security Researches

Smart WeTransfer, CVE-2025-62909

CVE, Research URL

CVE-2025-62909

Home page URL

Security reports for Smart WeTransfer

Application

Smart WeTransfer

Published on
Oct 27, 2025
Research Description
Missing Authorization vulnerability in mrityunjay Smart WeTransfer smart-wetransfer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WeTransfer: from n/a through <= 1.3.
Affected versions
max 1.3.
Status
vulnerable
Previous vulnerability researches
Sendle Shipping Plugin (CVE-2025-60139) , Oct 11, 2025
Sendle Shipping Plugin (CVE-2023-45761) , Jun 07, 2024
Sendle Shipping Plugin (CVE-2025-62976) , Nov 10, 2025
New vulnerability
WP-Thumbnail (CVE-2025-11819) , Nov 11, 2025
WP Private Content Plus (CVE-2025-10720) , Nov 11, 2025
WP Gmail SMTP (172cc1f3c82eb47a0e2bb5d14ce96f28ededb179) , Nov 11, 2025
WP Gmail SMTP (CVE-2025-53232) , Nov 11, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-60209) , Nov 11, 2025