Post SMTP Mailer: Urgent update needed for plugin security
The Post SMTP Mailer plugin was recently found to contain vulnerabilities that left over 150,000 WordPress sites exposed.
Security researchers from Wordfence, Ulysses Saicha and Sean Murphy, recently uncovered two vulnerabilities in the widely used POST SMTP Mailer WordPress plugin, affecting approximately 300,000 websites. Swift action is advised to protect sites from potential takeover threats.
Authorization Bypass Flaw (CVE-2023-6875):
The first vulnerability, tracked as CVE-2023-6875, is a critical authorization bypass flaw resulting from a “type juggling” issue on the connect-app REST endpoint. This vulnerability impacts all plugin versions up to 2.8.7.
An unauthenticated attacker can exploit this flaw to reset the API key, gaining access to sensitive log information, including password reset emails. By manipulating a function related to the mobile app, the attacker can set a valid token, change the authentication key, and lock the legitimate user out of the account.
Because those logs include password reset emails, the attacker can use one to reset an administrator's password and take over the account. Once the attacker has administrator privileges, they can plant backdoors, modify plugins and themes, and manipulate content, posing a significant threat to site integrity.
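As an added illustration (not the plugin's code; the plugin's real endpoint logic is not reproduced here), the following constructed PHP shows what a "type juggling" check looks like in practice: a secret token compared with the loose `==` operator accepts non-string or numeric-looking input, while the strict form rejects everything except the exact token. The function names and the token value are made up for the example.

```php
<?php
// Constructed illustration of a PHP "type juggling" pitfall in a token check.
// This is NOT the Post SMTP plugin's code; names and values are made up.

// Vulnerable pattern: == applies PHP's loose comparison rules, so the
// outcome depends on the type and shape of $supplied, not just its value.
function check_token_loose(string $stored, $supplied): bool
{
    return $stored == $supplied;
}

// Hardened pattern: reject anything that is not a string, then compare in
// constant time so the check leaks no timing information either.
function check_token_strict(string $stored, $supplied): bool
{
    if (!is_string($supplied)) {
        return false;
    }
    return hash_equals($stored, $supplied);
}

// Constructed stored token. A hex secret that happens to start with "0e"
// followed only by digits is a numeric string (0 * 10^n) to PHP, which
// matters as soon as it is compared with ==.
$stored = '0e462097431906509019562988736854';

// A JSON request body such as {"token": true} or {"token": "0e1"} decodes to
// these PHP values before the comparison runs.
foreach ([true, '0e1', 'wrong-token', $stored] as $supplied) {
    printf(
        "%-36s loose=%-5s strict=%s\n",
        var_export($supplied, true),
        var_export(check_token_loose($stored, $supplied), true),
        var_export(check_token_strict($stored, $supplied), true)
    );
}
```

Run with `php` on the command line. The loose check accepts the boolean `true` (any non-empty string other than "0" is truthy) and the string `'0e1'` (two numeric strings are compared as numbers, and both evaluate to zero), so two values that are not the token pass; the strict check accepts only the exact token. PHP 8 tightened integer-versus-string comparisons, but the boolean and numeric-string cases shown here behave the same on PHP 7 and PHP 8, which is why reviewing REST handlers for `==` on secrets and replacing it with `hash_equals()` after a type check is the relevant mitigation.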
Cross-Site Scripting (XSS) Vulnerability (CVE-2023-7027):
The second vulnerability, identified as CVE-2023-7027, is a cross-site scripting (XSS) issue stemming from insufficient input sanitization and output escaping. This vulnerability affects POST SMTP up to version 2.8.7.
Exploiting this flaw could allow attackers to inject arbitrary scripts into the web pages of affected sites, posing a risk to user data and site functionality.
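To make the "insufficient input sanitization and output escaping" point concrete, here is an added example in plain PHP (not the plugin's code; the log entry is a constructed sample). It renders the same log-style table row twice, once with untrusted fields dropped in verbatim and once escaped with the function appropriate to each output context. WordPress provides `esc_html()`, `esc_attr()` and `esc_url()` for the same purpose; plain `htmlspecialchars()` is used here so the file runs without WordPress.

```php
<?php
// Constructed illustration of context-aware output escaping for a log row.
// Not the Post SMTP plugin's code; the log entry below is made up.
// WordPress equivalents: esc_html(), esc_attr(), esc_url().

function esc_html_ctx(string $s): string
{
    // Text between tags: encode <, >, &, and both quote characters.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function esc_attr_ctx(string $s): string
{
    // Attribute values: same encoding, and the attribute must be quoted.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function esc_url_ctx(string $s): string
{
    // href values: allow only http(s); anything else (javascript:, data:, ...)
    // is dropped entirely rather than merely encoded.
    if (!preg_match('~^https?://~i', $s)) {
        return '';
    }
    return esc_attr_ctx($s);
}

// Vulnerable: attacker-controlled fields land in the page exactly as stored.
function render_row_unescaped(array $e): string
{
    return "<tr title=\"{$e['subject']}\"><td>{$e['to']}</td>"
         . "<td><a href=\"{$e['link']}\">{$e['subject']}</a></td></tr>";
}

// Hardened: escape at output time, choosing the escaper by where the value lands.
function render_row_escaped(array $e): string
{
    return '<tr title="' . esc_attr_ctx($e['subject']) . '"><td>' . esc_html_ctx($e['to']) . '</td>'
         . '<td><a href="' . esc_url_ctx($e['link']) . '">' . esc_html_ctx($e['subject']) . '</a></td></tr>';
}

// Constructed log entry whose fields carry markup, as any untrusted sender could supply.
$entry = [
    'to'      => 'user@example.com',
    'subject' => '"><script>alert(1)</script>',
    'link'    => 'javascript:alert(1)',
];

echo render_row_unescaped($entry), "\n";
echo render_row_escaped($entry), "\n";
```

In the first row the subject closes the `title` attribute and the `<script>` element is emitted as markup, and the link carries a `javascript:` URL; in the second row the subject appears as literal text in both the attribute and the cell, and the link's `href` is empty. The design point is that sanitizing on input is not a substitute for escaping on output: the same stored string needs different treatment in a text node, an attribute, and a URL, so the escaper is chosen at the place the value is written into the page.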
Wordfence promptly alerted the plugin vendor about the critical flaw on December 8, 2023, providing a proof-of-concept (PoC) exploit on December 15. The XSS issue was reported on December 19, 2023, with a PoC shared the following day.
The plugin's vendor released version 2.8.8 on January 1, 2024, addressing both vulnerabilities. Site administrators should update to this version promptly.
Protect Your Site: Immediate Action Required
According to download statistics from wordpress.org, around 150,000 sites are running versions of the plugin lower than 2.8.7, leaving them vulnerable. Even among the remaining sites on version 2.8 and higher, thousands may still be at risk, given that only about 100,000 downloads have occurred since the patch was released. Safeguard your WordPress site by updating the POST SMTP Mailer plugin to version 2.8.8 immediately.