Post SMTP Vulnerability – Authenticated (Administrator+) SQL Injection – CVE-2024-5207 | WordPress Plugin Vulnerability Report

Plugin Name: Post SMTP

Key Information:

  • Software Type: Plugin
  • Software Slug: post-smtp
  • Software Status: Active
  • Software Author: wpexpertsio
  • Software Downloads: 12,562,258
  • Active Installs: 400,000
  • Last Updated: May 22, 2024
  • Patched Versions: 2.9.4
  • Affected Versions: <=2.9.3

Vulnerability Details:

  • Name: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3 - Authenticated (Administrator+) SQL Injection
  • Type: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • CVE: CVE-2024-5207
  • CVSS Score: 7.2 (High)
  • Publicly Published: May 22, 2024
  • Researcher: Le Ngoc Anh
  • Description: The POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for WordPress is vulnerable to time-based SQL Injection via the selected parameter in all versions up to, and including, 2.9.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator access or higher to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Summary:

The Post SMTP plugin for WordPress has a vulnerability in versions up to and including 2.9.3 that allows authenticated attackers with administrator access or higher to perform SQL injection attacks. This vulnerability has been patched in version 2.9.4.

Detailed Overview:

The vulnerability, discovered by researcher Le Ngoc Anh, is a time-based SQL injection flaw in the Post SMTP plugin. It arises from insufficient escaping of the user-supplied 'selected' parameter and a lack of proper preparation of the existing SQL query. Attackers with administrator privileges or higher can exploit this to append additional SQL queries and extract sensitive information from the database, posing significant risks to the security of affected WordPress installations.
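The two root causes named above (an unescaped request parameter and an unprepared query) map onto a concrete coding pattern. The following is an added illustration written for this report, not code from the Post SMTP plugin: a hypothetical admin handler that deletes log rows chosen by a `selected` request parameter, shown first in the unsafe shape the advisory describes and then hardened with `$wpdb->prepare()`. The table name `example_mail_log`, the function names and the nonce action are all assumptions.

```php
<?php
// Added illustration, not Post SMTP's code. The table name, function names,
// capability and nonce action below are assumptions made for the example.

function example_delete_logs_unsafe( $selected ) {
    global $wpdb;
    // Unsafe: user-controlled values are joined straight into the SQL text.
    // Nothing guarantees they are integers, so the query can be altered.
    $in  = implode( ',', (array) $selected );
    $sql = "DELETE FROM {$wpdb->prefix}example_mail_log WHERE id IN ({$in})";
    return $wpdb->query( $sql );
}

function example_delete_logs_safe( $selected ) {
    global $wpdb;
    // 1. Coerce every value to a non-negative integer and drop anything that
    //    did not survive (absint() returns 0 for non-numeric input).
    $ids = array_filter( array_map( 'absint', (array) $selected ) );
    if ( empty( $ids ) ) {
        return 0;
    }
    // 2. One %d placeholder per id, so $wpdb->prepare() binds each value as a
    //    number instead of interpolating request input into the query text.
    $placeholders = implode( ',', array_fill( 0, count( $ids ), '%d' ) );
    $sql = $wpdb->prepare(
        "DELETE FROM {$wpdb->prefix}example_mail_log WHERE id IN ({$placeholders})",
        array_values( $ids )
    );
    return $wpdb->query( $sql );
}

// Hypothetical admin-post handler: even with a prepared query, restrict who can
// reach it (capability check) and verify the request origin (nonce), which is
// why an Administrator+ bug is still rated High rather than Critical.
function example_handle_bulk_delete() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'example_bulk_delete' );
    $selected = isset( $_POST['selected'] ) ? wp_unslash( $_POST['selected'] ) : array();
    $deleted  = example_delete_logs_safe( $selected );
    wp_safe_redirect( add_query_arg( 'deleted', $deleted, wp_get_referer() ) );
    exit;
}
add_action( 'admin_post_example_bulk_delete', 'example_handle_bulk_delete' );
```

The fix that matters is the move from string interpolation to `%d` placeholders; the integer coercion and the capability and nonce checks are defence in depth, not substitutes for it.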

Advice for Users:

  1. Immediate Action: Users are strongly advised to update the Post SMTP plugin to version 2.9.4 or later immediately.
  2. Check for Signs of Vulnerability: Check your site's database for any suspicious or unauthorized changes that might indicate a breach.
  3. Alternate Plugins: While a patch is available, users might still consider plugins that offer similar functionality as a precaution.
  4. Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities.

The prompt response from the plugin developers to patch this vulnerability underscores the importance of timely updates. Users are advised to ensure that they are running version 2.9.4 or later to secure their WordPress installations.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/post-smtp

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/post-smtp/post-smtp-mailer-email-log-delivery-failure-notifications-and-best-mail-smtp-for-wordpress-293-authenticated-administrator-sql-injection

Detailed Report:

As a website owner, the security of your site should always be a top priority. Keeping your WordPress plugins updated is a crucial part of maintaining a secure online presence. Today, we bring to your attention a high-severity vulnerability (CVSS 7.2) discovered in the popular Post SMTP plugin, affecting versions up to and including 2.9.3.

This vulnerability, identified as CVE-2024-5207, allows authenticated attackers with administrator access or higher to perform SQL injection attacks, potentially compromising sensitive information stored in your website's database. The severity of this issue cannot be overstated, as it puts your site, your data, and your users' trust at risk.

About the Post SMTP Plugin

Post SMTP is a popular WordPress plugin designed to improve email delivery and provide advanced logging and failure notifications. It has over 400,000 active installations and has been downloaded more than 12 million times. The plugin was last updated on May 22, 2024.

Risks and Potential Impacts

Exploiting this vulnerability could allow attackers to access sensitive information stored in your website's database, such as user credentials, personal data, or other confidential information. This could lead to data breaches, identity theft, or other malicious activities that can harm your business and your users' trust in your website.

How to Fix the Vulnerability

We strongly urge all users of the Post SMTP plugin to take immediate action and update to version 2.9.4 or later. By doing so, you can protect your site from potential attacks and ensure the integrity of your data. If you are unsure about updating the plugin yourself, please contact your website administrator or a professional WordPress developer for assistance.

Previous Vulnerabilities

It's worth noting that the Post SMTP plugin has had 13 previous vulnerabilities since March 2021. This underscores the importance of regularly updating your plugins and staying informed about potential security risks.

The Importance of Staying Vigilant

We understand that, as a small business owner, managing a website can be overwhelming, and staying on top of security vulnerabilities may not always be at the forefront of your mind. However, the consequences of a security breach can be devastating for your business. By taking proactive steps to keep your site updated and secure, you can protect your business, your customers, and your reputation.

If you have any concerns or questions about the security of your WordPress site, please don't hesitate to reach out to our team of experts. We are here to help you navigate the complex world of website security and ensure that your online presence remains safe and trusted.

Remember, when it comes to website security, vigilance is key. By staying informed, taking swift action to address vulnerabilities, and partnering with trusted professionals, you can focus on growing your business while knowing that your website is in good hands.

Don't tackle WordPress security alone - the consequences of a breach are too great. At Your WP Guy, our managed WordPress maintenance services include layers of protection like auto-updates, malware scanning, firewalls and 24/7 monitoring by WordPress experts. We become your outsourced IT team.

Let's chat about migrating your site to our managed hosting so you can finally stop worrying about security issues. We'll fully audit and lock down your site as part of onboarding. Call us at 678-995-5169 to keep your business safe online.