GCVE - cpe:2.3:a:saad_iqbal:post_smtp:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:saad_iqbal:post_smtp:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Saad Iqbal (`97dce978-69c2-5929-ad59-42f939c1becd`)
Product	Post Smtp (`92adcda9-8374-5b2c-849f-438d06a64405`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-67563`	vulnerable	2026-06-03 15:11:01.818965	WordPress Post SMTP plugin <= 3.6.1 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1. Published: 2025-12-09T14:14:11.248Z Updated: 2026-04-28T16:14:21.208Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/post-smtp/vulnerability/wordpress-post-smtp-plugin-3-6-1-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-24000`	vulnerable	2026-06-03 14:59:54.168839	WordPress Post SMTP plugin <= 3.2.0 - Account Takeover Vulnerability HIGH (8.8) Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass.This issue affects Post SMTP: from n/a through <= 3.2.0. Published: 2025-08-07T16:58:28.884Z Updated: 2026-05-13T00:04:08.090Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/post-smtp/vulnerability/wordpress-post-smtp-3-2-0-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-22800`	vulnerable	2026-06-03 14:59:41.494039	WordPress Post SMTP plugin <= 2.9.11 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 2.9.11. Published: 2025-01-13T13:11:36.569Z Updated: 2026-04-28T16:11:07.557Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/post-smtp/vulnerability/wordpress-post-smtp-plugin-2-9-11-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-52436`	vulnerable	2026-06-03 14:57:29.524609	WordPress Post SMTP plugin <= 2.9.9 - SQL Injection vulnerability HIGH (7.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal Post SMTP post-smtp allows Blind SQL Injection.This issue affects Post SMTP: from n/a through <= 2.9.9. Published: 2024-11-18T14:30:20.672Z Updated: 2026-04-28T16:10:42.030Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/post-smtp/vulnerability/wordpress-post-smtp-plugin-2-9-9-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.