Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-6875Authorization Bypass Through User-Controlled Key in Post Smtp

CWE-639Authorization Bypass Through User-Controlled KeyCWE-862Missing Authorization7 documents7 sources
Severity
9.8CRITICALNVD
CNA8.6VulnCheck8.6
EPSS
93.7%
top 0.15%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Wpexperts Post Smtp
Timeline
PublishedJan 11
Latest updateApr 11

Description

The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover. CVE-2023-52233 appears

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

4
VulDB
POST SMTP Mailer Plugin up to 2.8.7 on WordPress authorization (ID 176525)2026-04-11
CVEList
POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Authorization Bypass via type connect-app API2024-01-11
GHSA
GHSA-9cw8-p5p2-35pf: The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized a2024-01-11
VulnCheck
wpexperts post_smtp Authorization Bypass Through User-Controlled Key2023

💥Exploits & PoCs

1
Nuclei
WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass

🕵️Threat Intelligence

1
Bleepingcomputer
Over 150k WordPress sites at takeover risk via vulnerable plugin2024-01-11
CVE-2023-6875 — Wpexperts Post Smtp vulnerability | cvebase