cleantalk
Vulnerabilities and Security Researches

WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin, 68ce888a3bdc02e62b7d57497d9bebac954992db

CVE, Research URL

68ce888a3bdc02e62b7d57497d9bebac954992db

Home page URL

Security reports for WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin

Application

WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin

Published on
Dec 07, 2018
Research Description
WP Mail SMTP by WPForms &#8211; The Most Popular SMTP and Email Log Plugin [wp-mail-smtp] < 1.4.0 (closed) WordPress WP Mail SMTP by WPForms plugin <= 1.3.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by RIPS Technologies in WordPress WP Mail SMTP by WPForms plugin (versions <= 1.3.3).
Affected versions
Min -, max 1.4.0.
Status
vulnerable
Previous vulnerability researches
Free WP Mail SMTP (Official &#8211; 2019) (CVE-2025-28974) , Jun 15, 2025
WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin (68ce888a3bdc02e62b7d57497d9bebac954992db) , Jun 06, 2024
WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin (CVE-2024-6694) , Jul 21, 2024
New vulnerability
WPThumb (CVE-2025-49983) , Jun 23, 2025
TinyNav (CVE-2025-52781) , Jun 23, 2025
WP Register Profile With Shortcode (CVE-2025-50042) , Jun 22, 2025
WP Customer Area (CVE-2025-49982) , Jun 22, 2025
Polls CP (CVE-2025-50025) , Jun 22, 2025