cleantalk
Vulnerabilities and Security Researches

SMTP2GO for WordPress – Email Made Easy, CVE-2023-28496

CVE, Research URL

CVE-2023-28496

Home page URL

Security reports for SMTP2GO for WordPress – Email Made Easy

Application

SMTP2GO for WordPress – Email Made Easy

Published on
Jun 22, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SMTP2GO – Email Made Easy plugin <= 1.4.2 versions.
Affected versions
Min -, max 1.5.0.
Status
vulnerable
Previous vulnerability researches
SMTP2GO for WordPress &#8211; Email Made Easy (CVE-2025-54011) , Jul 19, 2025
SMTP2GO for WordPress &#8211; Email Made Easy (CVE-2023-28496) , Jun 06, 2024
New vulnerability
Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-7697) , Jul 21, 2025
Subscribe to Comments (CVE-2015-10133) , Jul 21, 2025
Connect to external APIs | Custom endpoints for WP (CVE-2025-54048) , Jul 21, 2025
Front-end Editor (CVE-2012-10019) , Jul 21, 2025
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2025-53990) , Jul 20, 2025