cleantalk
Vulnerabilities and Security Researches

Smart WeTransfer, CVE-2025-62909

CVE, Research URL

CVE-2025-62909

Home page URL

Security reports for Smart WeTransfer

Application

Smart WeTransfer

Published on
Oct 27, 2025
Research Description
Missing Authorization vulnerability in mrityunjay Smart WeTransfer smart-wetransfer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WeTransfer: from n/a through <= 1.3.
Affected versions
max 1.3.
Status
vulnerable
Previous vulnerability researches
WP Mapbox GL JS Maps (CVE-2025-62942) , Nov 10, 2025
New vulnerability
WP Gmail SMTP (172cc1f3c82eb47a0e2bb5d14ce96f28ededb179) , Nov 11, 2025
WP Gmail SMTP (CVE-2025-53232) , Nov 11, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-60209) , Nov 11, 2025
Email Tracker – Email Tracking Plugin to track Emails for Open and Email Links Click (Compatible with WooCommerce) (CVE-2025-10047) , Nov 11, 2025
Advanced Ads – Ad Manager &amp; AdSense (CVE-2025-10487) , Nov 11, 2025