POST SMTP Vulnerability – The #1 WordPress SMTP Plugin – Authorization Bypass via type connect-app API – CVE-2023-6875 | WordPress Plugin Vulnerability Report 

Plugin Name: POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Key Information:

  • Software Type: Plugin
  • Software Slug: post-smtp
  • Software Status: Active
  • Software Author: wpexpertsio
  • Software Downloads: 11,120,456
  • Active Installs: 300,000
  • Last Updated: January 10, 2024
  • Patched Versions: 2.8.8
  • Affected Versions: <= 2.8.7

Vulnerability Details:

  • Name: POST SMTP Mailer <= 2.8.7
  • Title: Authorization Bypass via type connect-app API
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE: CVE-2023-6875
  • CVSS Score: 9.8
  • Publicly Published: January 10, 2024
  • Researcher: Ulyses Saicha
  • Description: The POST SMTP Mailer plugin for WordPress has a severe vulnerability due to a type juggling issue in the connect-app REST endpoint. This flaw allows unauthenticated attackers to reset the API key, potentially leading to unauthorized access to email logs and site takeover.

Summary:

The POST SMTP Mailer plugin, a popular tool for SMTP email delivery and logging on WordPress sites, has a critical vulnerability in versions up to and including 2.8.7. This flaw, an authorization bypass in the connect-app REST API, lets unauthenticated attackers gain access to sensitive data. The vulnerability is patched in version 2.8.8.

Detailed Overview:

This vulnerability presents a significant security risk, as it enables attackers to bypass authorization mechanisms and potentially take over WordPress sites by accessing or altering sensitive data such as email logs. The flaw lies in the connect-app REST endpoint, where a type juggling issue allows an unauthenticated request to reset the API key, which could lead to unauthorized access to and control over the email communication system of affected sites.
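To make the class of bug concrete, the following is an added illustration written for this report, not the plugin's code: a token check for a "connect app" style REST endpoint written with PHP's loose comparison (the type-juggling pattern), beside the strict, constant-time form a maintainer would use instead. All names (check_loose, check_strict, $stored_token) and the token value are hypothetical.

```php
<?php
// Added illustration of PHP type juggling in an API-key check; this is not the
// POST SMTP plugin's code. Function names and the token value are constructed.

// Token as it might be stored in the site's options table (constructed value).
$stored_token = 'c0ffee1234deadbeef';

// Vulnerable pattern: == coerces both operands to a common type before comparing,
// so the PHP type of the attacker-controlled value decides the outcome.
function check_loose($stored_token, $supplied) {
    return $supplied == $stored_token;
}

// Hardened pattern: accept only a non-empty string, then compare with
// hash_equals(), which is strict (no coercion) and constant-time.
function check_strict($stored_token, $supplied) {
    if (!is_string($supplied) || $supplied === '') {
        return false;
    }
    return hash_equals($stored_token, $supplied);
}

// A JSON request body controls the decoded PHP type: WP_REST_Request hands
// json_decode() results to the callback as-is, so "true" arrives as bool(true),
// and any non-empty string == true in every PHP version. On PHP < 8 a
// non-numeric string == 0 is also true, so a JSON 0 would pass as well.
$cases = [
    'correct token'  => $stored_token,
    'wrong string'   => 'not-the-token',
    'JSON true'      => json_decode('true'),
    'JSON integer 0' => json_decode('0'),
];

foreach ($cases as $label => $supplied) {
    printf("%-15s loose=%-5s strict=%s\n", $label,
        var_export(check_loose($stored_token, $supplied), true),
        var_export(check_strict($stored_token, $supplied), true));
}
```

Only the "correct token" row passes check_strict; the "JSON true" row passes check_loose on any PHP version, which is the failure mode a permission callback must close.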

Advice for Users:

  • Immediate Action: Update to the latest patched version, 2.8.8, without delay.
  • Check for Signs of Vulnerability: Regularly review your site and email logs for unusual activities.
  • Alternate Plugins: Consider using alternative SMTP plugins with similar functionalities as an additional precaution.
  • Stay Updated: Regularly ensure all your WordPress plugins are updated to protect against vulnerabilities.

Conclusion:

The swift action to patch the CVE-2023-6875 vulnerability in the POST SMTP Mailer plugin underscores the critical importance of regular software updates in web security. WordPress site owners, especially those managing large or sensitive sites, should prioritize keeping their plugins updated. This incident serves as a vital reminder of the ongoing need for proactive cybersecurity measures to protect digital assets and maintain the integrity of online platforms.

Introduction:

In the ever-evolving world of digital technology, the security of websites, particularly those powered by WordPress, is paramount. The recent identification of a critical vulnerability in the POST SMTP – The #1 WordPress SMTP Plugin, tagged as CVE-2023-6875, is a stark reminder of the ongoing need for vigilance in software maintenance. This vulnerability not only highlights the dangers of outdated plugins but also the crucial role of regular updates in safeguarding the online presence of businesses, especially small businesses reliant on WordPress.

About the Plugin:

The POST SMTP plugin, authored by wpexpertsio, is a cornerstone for SMTP email delivery and logging on WordPress sites, boasting over 11 million downloads and 300,000 active installs. Its role in managing email communications makes it a vital component for many WordPress users.

Previous Vulnerabilities:

Since March 1, 2021, there have been 12 previous vulnerabilities reported for this plugin, underscoring the importance of continuous monitoring and updating.

Conclusion:

The rapid patching of the CVE-2023-6875 vulnerability by the developers of POST SMTP Mailer plugin highlights the critical importance of timely software updates in maintaining web security. For small business owners managing WordPress sites, this incident is a vital reminder of the need for proactive cybersecurity measures. Employing automated update features, scheduling regular security checks, or utilizing managed WordPress hosting services can effectively maintain website security with minimal time investment, safeguarding their business's online presence against emerging threats.

Staying Secure

Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.

Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.

Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.
