Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admin_init() function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the plugins settings and arbitrary options on the site that can be used to inject new administrative user accounts.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/id/84b75f7d-7258-46f6-aee6-b96d70bee264?source=cve
https://medium.com/@ayman.abdul.kareem/from-bug-finder-to-risk-advisor-how-security-roles-are-evolving-db1aa86dd137
https://nvd.nist.gov/vuln/detail/CVE-2019-25141

Short Info

Level

Critical

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

10 days 22 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

Get started to protecting your digital assets

Start trial See the plans

Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update

Short Info

-

Detail

Solution Advice

Category