Untriaged
Permalink
CVE-2024-25914
4.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): LOW
- Availability impact (A): NONE
WordPress SMTP Mail Plugin <= 1.3.20 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20.
References
- https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plu… vdb-entry
- https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plu… vdb-entry
- https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plu… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plu… vdb-entry
- https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plu… vdb-entry x_transferred
Affected products
smtp-mail
- =<1.3.20
Matching in nixpkgs
pkgs.haskellPackages.smtp-mail
Simple email sending via SMTP
-
nixos-unstable -
- nixpkgs-unstable 0.5.0.0
Package maintainers
-
@mpscholten Marc Scholten <marc@digitallyinduced.com>