Easy WP SMTP 1.4.3 Patches Sensitive Data Disclosure Vulnerability – WordPress Tavern

[ad_1]

Easy WP SMTP has patched a vulnerability that allows attackers to capture the password reset link from the plugin’s debug log file and gain unauthorized access to the site. The plugin is used by more than 500,000 WordPress sites to configure and send all outgoing emails via a SMTP server so they are less likely to end up in recipients’ junk/spam folders.

WPScan categorized the vulnerability as a “sensitive data disclosure:”

The plugin has an optional debug log file generated with a random name, located in the plugin folder and which contains all email messages sent….

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *