cleantalk
Vulnerabilities and Security Researches

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications, CVE-2025-67563

CVE, Research URL

CVE-2025-67563

Home page URL

Security reports for POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Application

POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Published on
Dec 09, 2025
Research Description
Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1.
Affected versions
max 3.6.2.
Status
vulnerable
Previous vulnerability researches
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2014-8605) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2014-8603) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2015-4336) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2015-4338) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2014-2340) , Jun 06, 2024
New vulnerability
Tweaker for Ninja Foms emails (CVE-2023-33999) , Jun 13, 2026
Custom WooCommerce Checkout Fields Editor (CVE-2023-33999) , Jun 13, 2026
Elementor Stripe Payment (CVE-2023-33999) , Jun 13, 2026
Contact Form DB Divi (CVE-2023-33999) , Jun 13, 2026
WP SecureSubmit (CVE-2024-56270) , Jun 13, 2026