cleantalk
Vulnerabilities and Security Researches

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications, CVE-2024-29128

CVE, Research URL

CVE-2024-29128

Home page URL

Security reports for POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Application

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Published on
Mar 19, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post SMTP POST SMTP allows Reflected XSS.This issue affects POST SMTP: from n/a through 2.8.6.
Affected versions
Min -, max 2.8.7.
Status
vulnerable
Previous vulnerability researches
POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2025-22800) , Jan 11, 2025
POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2023-52233) , Jul 10, 2024
POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2023-3179) , Jun 07, 2024
POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2022-2352) , Jun 07, 2024
POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2021-4422) , Jun 07, 2024
New vulnerability
Frontend File Manager Plugin (CVE-2023-7306) , Jul 27, 2025
Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition (CVE-2025-6441) , Jul 27, 2025
Timber (CVE-2024-45411) , Jul 27, 2025
Advanced iFrame (CVE-2025-6987) , Jul 27, 2025
ReachShip WooCommerce Multi-Carrier & Conditional Shipping (CVE-2025-53213) , Jul 27, 2025