Easy WP SMTP 1.4.3 Patches Sensitive Data Disclosure Vulnerability – WordPress Tavern

Easy WP SMTP has patched a vulnerability that allows attackers to capture the password reset link from the plugin’s debug log file and gain unauthorized access to the site. The plugin is used by more than 500,000 WordPress sites to configure and send all outgoing emails via a SMTP server so they are less likely to end up in recipients’ junk/spam folders.

WPScan categorized the vulnerability as a “sensitive data disclosure:”

The plugin has an optional debug log file generated with a random name, located in the plugin folder and which contains all email messages sent….


More Info

About mblog.my

Check Also

WordPress SEO Agency: How To Choose The Right SEO Agency

What if we told you that it’s possible for your WordPress website to show up …

Leave a Reply

Your email address will not be published. Required fields are marked *