WordPress Plugin Post SMTP-WP SMTP with Email Logs Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP Office 365 Brevo Mailgun Amazon SES Postmark Server-Side Request Forgery - CVE-2022-2352 - Vulnerability Database

WordPress Plugin Post SMTP-WP SMTP with Email Logs Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP Office 365 Brevo Mailgun Amazon SES Postmark Server-Side Request Forgery - CVE-2022-2352

Low

Reference: CVE-2022-2352

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-2352

Title: WordPress Plugin Post SMTP-WP SMTP with Email Logs Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP Office 365 Brevo Mailgun Amazon SES Postmark Server-Side Request Forgery

Overview:

WordPress Plugin Post SMTP-WP SMTP with Email Logs Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP Office 365 Brevo Mailgun Amazon SES Postmark is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin Post SMTP-WP SMTP with Email Logs Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP Office 365 Brevo Mailgun Amazon SES Postmark version 2.1.6 is vulnerable prior versions may also be affected.