cleantalk
Vulnerabilities and Security Researches

WP Mail Options, CVE-2025-28981

CVE, Research URL

CVE-2025-28981

Home page URL

Security reports for WP Mail Options

Application

WP Mail Options

Published on
Jun 06, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Soli WP Mail Options allows Stored XSS. This issue affects WP Mail Options: from n/a through 0.2.3.
Affected versions
Min -, max 0.2.3.
Status
vulnerable
Previous vulnerability researches
WP Mail (CVE-2017-5942) , Jun 07, 2024
WP Mail (CVE-2025-58822) , Sep 07, 2025
WP Easy Post Mailer (CVE-2025-23956) , Jan 25, 2025
Free WP Mail SMTP (Official – 2019) (CVE-2025-28974) , Jun 15, 2025
WP Mail Options (CVE-2025-28981) , Jun 15, 2025
New vulnerability
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025
PagSeguro / PagBank Connect (CVE-2025-10142) , Sep 11, 2025
Duplicate Page and Post (CVE-2025-6189) , Sep 11, 2025