| CVE-2023-6621 | Post SMTP < 2.8.7 - Reflected Cross-Site Scripting | Unknown | POST SMTP | - | - | 2024-01-03 08:32:43 | Deep Dive |
| CVE-2023-7027 | POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Unauthenticated Stored Cross-Site Scripting via device | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | High | 7.2 | 2024-01-03 04:29:34 | Deep Dive |
| CVE-2023-6629 | POST SMTP Mailer <= 2.8.6 - Reflected Cross-Site Scripting via msg | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | Medium | 6.1 | 2024-01-03 04:29:34 | Deep Dive |
| CVE-2023-5958 | POST SMTP Mailer < 2.7.1 - Unauthenticated Cross-site Scripting | Unknown | POST SMTP Mailer | 高危 | - | 2023-11-27 16:22:04 | Deep Dive |
| CVE-2023-3213 | WP Mail SMTP Pro <= 3.8.0 - Missing Authorization to Information Dislcosure via is_print_page | WPForms (Awesome Motive) | WP Mail SMTP Pro | Medium | 5.3 | 2023-10-04 01:52:39 | Deep Dive |
| CVE-2023-39441 | Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation | Apache Software Foundation | Apache Airflow SMTP Provider | 中危 | - | 2023-08-23 15:39:52 | Deep Dive |
| CVE-2023-3179 | POST SMTP Mailer < 2.5.7 - Account Takeover via CSRF | Unknown | POST SMTP Mailer | 高危 | - | 2023-07-17 13:29:54 | Deep Dive |
| CVE-2021-4422 | POST SMTP Mailer <= 2.0.20 - Cross-Site Request Forgery Bypass | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | Medium | 4.3 | 2023-07-12 06:52:35 | Deep Dive |
| CVE-2023-3087 | FluentSMTP <= 2.2.4 - Unauthenticated Stored Cross-Site Scripting via Email Subject | techjewel | FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider | High | 7.2 | 2023-07-12 04:38:52 | Deep Dive |
| CVE-2023-3092 | SMTP Mail <= 1.3.46 - Unauthenticated Stored Cross-Site Scripting via Email Subject | photoboxone | SMTP Mail | High | 7.2 | 2023-07-12 04:38:47 | Deep Dive |
| CVE-2023-3158 | Mail Control <= 0.2.8 - Unauthenticated Stored Cross-Site Scripting via Email Subject | rahalaboulfeth | Mail Control – Email Customizer, SMTP Deliverability, logging, open and click Tracking | High | 7.2 | 2023-07-12 04:38:46 | Deep Dive |
| CVE-2023-3082 | Post SMTP <= 2.5.7 - Unauthenticated Stored Cross-Site Scripting via Email | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | High | 7.2 | 2023-07-12 04:38:46 | Deep Dive |
| CVE-2023-3093 | YaySMTP <= 2.4.5 - Unauthenticated Stored Cross-Site Scripting via Email | yaycommerce | YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP Service | High | 7.2 | 2023-07-12 04:38:45 | Deep Dive |
| CVE-2019-25145 | Contact Form & SMTP Plugin by PirateForms <= 2.5.1 - Unauthenticated HTML injection | smub | Contact Form & SMTP Plugin for WordPress by PirateForms | High | 7.2 | 2023-06-07 01:51:34 | Deep Dive |
| CVE-2019-25141 | Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update | smub | Easy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more | Critical | 9.8 | 2023-06-07 01:51:29 | Deep Dive |
| CVE-2023-2472 | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.61 - Reflected XSS | Unknown | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | 中危 | - | 2023-06-05 13:39:03 | Deep Dive |
| CVE-2023-1090 | WP SMTP Mailing Queue < 2.0.1 - Admin+ Stored XSS | Unknown | SMTP Mailing Queue | 中危 | - | 2023-05-02 07:04:59 | Deep Dive |
| CVE-2022-42699 | WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Remote Code Execution (RCE) | WPecommerce, Alexanderfoxc | Easy WP SMTP | Critical | 9.1 | 2022-12-06 22:00:55 | Deep Dive |
| CVE-2022-45829 | WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Arbitrary File Deletion | WPecommerce, Alexanderfoxc | Easy WP SMTP | High | 8.7 | 2022-12-06 21:53:05 | Deep Dive |
| CVE-2022-45833 | WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Directory Traversal | WPecommerce, Alexanderfoxc | Easy WP SMTP | Medium | 6.8 | 2022-12-06 21:44:05 | Deep Dive |