CVE-2023-3178
POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF
The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Productos afectados
Unknown · POST SMTP Mailer¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →