cleantalk
Vulnerabilities and Security Researches

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications, CVE-2025-67563

CVE, Research URL

CVE-2025-67563

Home page URL

Security reports for POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Application

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Published on
Dec 09, 2025
Research Description
Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1.
Affected versions
max 3.6.2.
Status
vulnerable
Previous vulnerability researches
WordPress Mobile Themes (CVE-2025-28881) , Mar 13, 2025
New vulnerability
Ibtana &#8211; WordPress Website Builder (CVE-2025-59581) , Jun 13, 2026
Dracula Dark Mode – Smooth Dark Mode &amp; Enhanced Accessibility for WordPress (CVE-2023-33999) , Jun 13, 2026
Tablesome &#8211; Responsive Table, Email Log, Form Automation &#8211; Contact Form 7, Elementor, WPForms, Gravity Forms, Fluen (CVE-2023-33999) , Jun 13, 2026
Coming Soon Pages for WordPress &#8211; Coming Soon Booster (CVE-2023-33999) , Jun 13, 2026
Floating Awesome Button (Sticky Button &amp; Popup) &#8211; CTA, Back to Top, Shortcodes, Widget, &amp; More (CVE-2023-33999) , Jun 13, 2026