CVE-2025-24000
published 2025-08-07
CVE-2025-24000: Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass. This issue affects Post…
Priority: P1 · 81 · high · 8.8 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In the wild · Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 0.55% (41.6th percentile)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass. This issue affects Post SMTP: from n/a through <= 3.2.0.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| saad_iqbal | post_smtp | <= 3.2.0 | 3.3.0 |
Detection & IOCs (extracted from sources)
- Monitor for low-privileged WordPress users (Subscriber role) making requests to Post SMTP email log REST API endpoints, particularly followed by administrator password reset requests; this sequence is the core exploit chain.
- Flag WordPress sites still running Post SMTP versions up to and including 3.2.0 as vulnerable to CVE-2025-24000. The fix was introduced in version 3.3.0.
- A significant portion of the install base (24.2%, ~96,800 sites) runs the Post SMTP 2.x branch, which is vulnerable to additional, separate security flaws beyond CVE-2025-24000.
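The two checks above, the version gate and the Subscriber-reads-log-then-resets-admin sequence, as an added example that is not part of this page or of the Post SMTP plugin. It scans a constructed JSON-lines audit log (one event per line with `ts`, `user`, `role`, `method`, `path`, and for `wp-login.php` requests `action` and `target`); that log format, the usernames, the admin set passed in, and the `/wp-json/post-smtp/v1/` route prefix are all assumptions of the example, since the page does not name the plugin's exact REST routes.

```python
"""Detection helpers for the CVE-2025-24000 exploit chain (Post SMTP email-log
exposure leading to administrator account takeover)."""
import json
from datetime import datetime, timedelta

# Post SMTP <= 3.2.0 is affected; the fix shipped in 3.3.0.
FIXED_VERSION = (3, 3, 0)

# ASSUMPTION: the REST namespace and route names below are placeholders for
# this example. Confirm them against the plugin's REST controller on your install.
LOG_ROUTE_PREFIX = "/wp-json/post-smtp/v1/"
LOG_ROUTE_MARKERS = ("log",)            # matches e.g. get-logs, get-log, delete-logs
RESET_ACTIONS = {"lostpassword", "resetpass", "rp"}   # wp-login.php ?action= values
PRIVILEGED_ROLES = {"administrator"}


def parse_version(version: str) -> tuple:
    """'3.2.0' -> (3, 2, 0). A pre-release suffix such as '3.2.0-beta' is ignored."""
    return tuple(int(part) for part in version.split("-")[0].split("."))


def is_vulnerable_version(version: str) -> bool:
    """True for any Post SMTP build older than the 3.3.0 fix."""
    return parse_version(version) < FIXED_VERSION


def is_log_endpoint(path: str) -> bool:
    """True when a request path targets a Post SMTP email-log REST route."""
    if not path.startswith(LOG_ROUTE_PREFIX):
        return False
    route = path[len(LOG_ROUTE_PREFIX):].split("?", 1)[0]
    return any(marker in route for marker in LOG_ROUTE_MARKERS)


def detect_takeover_chain(lines, admin_users, window=timedelta(minutes=30)):
    """Scan JSON-lines audit events and return one alert per suspicious user.

    A non-administrator reading the email log yields a 'medium' alert; if the
    same user then submits a password-reset request for an administrator within
    `window`, the alert is raised to 'high': that is the takeover sequence.
    """
    events = [json.loads(line) for line in lines if line.strip()]
    for event in events:
        event["_t"] = datetime.fromisoformat(event["ts"])
    events.sort(key=lambda event: event["_t"])

    alerts = {}
    for i, event in enumerate(events):
        if event["role"] in PRIVILEGED_ROLES or not is_log_endpoint(event["path"]):
            continue
        alert = alerts.setdefault(event["user"], {
            "severity": "medium",
            "user": event["user"],
            "role": event["role"],
            "first_log_access": event["ts"],
            "reset_target": None,
        })
        # Look forward from this log read for an admin password reset by the same user.
        for later in events[i + 1:]:
            if later["_t"] - event["_t"] > window:
                break
            if (later["user"] == event["user"]
                    and later.get("action") in RESET_ACTIONS
                    and later.get("target") in admin_users):
                alert.update(severity="high", reset_target=later["target"], reset_at=later["ts"])
                break
    return sorted(alerts.values(), key=lambda alert: alert["first_log_access"])


# Constructed sample audit log (not real traffic). 'alice' is an administrator;
# 'eve' is a subscriber who reads the email log and then resets alice's password.
SAMPLE_AUDIT_LOG = """\
{"ts": "2025-08-10T10:00:00", "user": "alice", "role": "administrator", "method": "GET", "path": "/wp-json/post-smtp/v1/get-logs"}
{"ts": "2025-08-10T10:04:00", "user": "eve", "role": "subscriber", "method": "POST", "path": "/wp-login.php", "action": "lostpassword", "target": "alice"}
{"ts": "2025-08-10T10:05:00", "user": "eve", "role": "subscriber", "method": "GET", "path": "/wp-json/post-smtp/v1/get-logs"}
{"ts": "2025-08-10T10:05:30", "user": "eve", "role": "subscriber", "method": "GET", "path": "/wp-json/post-smtp/v1/get-log?id=41"}
{"ts": "2025-08-10T10:07:00", "user": "eve", "role": "subscriber", "method": "POST", "path": "/wp-login.php", "action": "resetpass", "target": "alice"}
{"ts": "2025-08-10T11:30:00", "user": "bob", "role": "subscriber", "method": "GET", "path": "/wp-json/wp/v2/posts"}
{"ts": "2025-08-10T12:00:00", "user": "carol", "role": "subscriber", "method": "GET", "path": "/wp-json/post-smtp/v1/get-logs"}
"""

if __name__ == "__main__":
    print("3.2.0 vulnerable:", is_vulnerable_version("3.2.0"))
    for alert in detect_takeover_chain(SAMPLE_AUDIT_LOG.splitlines(), admin_users={"alice"}):
        print(alert)
```

Running it on the sample flags `eve` as high (log read at 10:05 followed by a `resetpass` for `alice` at 10:07) and `carol` as medium (a Subscriber reading the log with no reset seen in the window); the administrator's own log access and `bob`'s unrelated REST call are ignored. The version check is deliberately `< 3.3.0` rather than `<= 3.2.0` so that any odd intermediate build still trips it.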
GHSA
GHSA-2fgh-78wf-f9v9 · unreviewed · 2025-08-07 · CVE-2025-24000 · HIGH · CWE-288
Authentication Bypass Using an Alternate Path or Channel vulnerability in WPExperts Post SMTP allows Authentication Bypass. This issue affects Post SMTP: from n/a through 3.2.0.
VulnCheck
CVE-2025-24000 · wpexperts post_smtp · Authentication Bypass Using an Alternate Path or Channel · vulncheck · 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass. This issue affects Post SMTP: from n/a through <= 3.2.0.
Affected: WPExperts Post SMTP
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/post-smtp/post-smtp-320-missing-authorization-to-authenticated-subscriber-account-takeover-via-email-log-exposure
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
blogs_bleepingcomputer · 2025-11-04 · CVSS 9.8 [CRITICAL] (this score belongs to CVE-2025-11833, the later Post SMTP flaw the article covers, not to CVE-2025-24000)
## Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
## Bill Toulas
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
Post SMTP is a popular email delivery solution marketed as a feature-rich and more reliable replacement of the default ‘wp_mail()’ function.
On October 11, WordPress security firm Wordfence received a report from researcher ‘netranger’ about an email log disclosure issue that could be leveraged for account takeover attacks.
The issue, tracked as CVE-2025-11833, received a critical-severity score of 9.8 and impacts all versions of Post SMTP from 3.6.0 and older.
The vulnerability stems from the lack of auth
Bleepingcomputer
Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks
blogs_bleepingcomputer · 2025-07-26
## Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks
## Bill Toulas
More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account.
Post SMTP is a popular email delivery plugin for WordPress that counts more than 400,000 active installations. It's marketed as a replacement of the default ‘wp_mail()’ function that is more reliable and feature-rich.
On May 23, a security researcher reported the vulnerability to WordPress security firm Patchstack. The flaw is now identified as CVE-2025-24000 and received a medium severity score of 8.8.
The security issue affects all versions of Post SMTP up to 3.2.0 and is due to a broken access control mechanism in the plugin's REST API