cleantalk
Vulnerabilities and Security Researches

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications, CVE-2025-67563

CVE, Research URL

CVE-2025-67563

Home page URL

Security reports for POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Application

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Published on
Dec 09, 2025
Research Description
Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1.
Affected versions
max 3.6.2.
Status
vulnerable
Previous vulnerability researches
Social Photo Gallery (CVE-2019-14467) , Jun 06, 2024
Photo Gallery ( Responsive ) (CVE-2025-27276) , Feb 26, 2025
Image Gallery &#8211; Responsive Photo Gallery (CVE-2025-24697) , Feb 05, 2025
Image Gallery &#8211; Responsive Photo Gallery (CVE-2024-12403) , Jan 16, 2025
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast &#8211; HTML5 (CVE-2023-1427) , Jun 06, 2024
New vulnerability
Custom WooCommerce Checkout Fields Editor (CVE-2023-33999) , Jun 13, 2026
Elementor Stripe Payment (CVE-2023-33999) , Jun 13, 2026
Contact Form DB Divi (CVE-2023-33999) , Jun 13, 2026
WP SecureSubmit (CVE-2024-56270) , Jun 13, 2026
WP Delicious &#8211; Best WordPress Recipes Plugin (formerly Delicious Recipes) (CVE-2023-33999) , Jun 13, 2026