GCVE - cpe:2.3:a:yaycommerce:yaysmtp:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:yaycommerce:yaysmtp:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Yaycommerce (`1c89574d-e9f5-5957-9e5e-4e06ca3f9fae`)
Product	Yaysmtp (`176fd2b1-dc0b-597e-bbfd-e3e1e4ff7e7f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-53256`	vulnerable	2026-06-08 07:31:14.320754	WordPress YaySMTP plugin <= 2.6.6 - SQL Injection Vulnerability HIGH (7.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YaySMTP yaysmtp allows SQL Injection.This issue affects YaySMTP: from n/a through <= 2.6.6. Published: 2025-06-27T13:21:05.082Z Updated: 2026-04-28T16:13:21.991Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/yaysmtp/vulnerability/wordpress-yaysmtp-plugin-6-8-1-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-48161`	vulnerable	2026-06-08 07:27:15.555589	WordPress YaySMTP plugin <= 1.3 - SQL Injection Vulnerability HIGH (7.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YaySMTP smtp-sendinblue allows SQL Injection.This issue affects YaySMTP: from n/a through <= 1.3. Published: 2025-07-16T10:36:56.225Z Updated: 2026-05-12T00:30:16.119Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/smtp-sendinblue/vulnerability/wordpress-yaysmtp-plugin-1-3-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-47587`	vulnerable	2026-06-08 07:27:14.591219	WordPress YaySMTP plugin <= 2.6.4 - SQL Injection Vulnerability HIGH (7.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YaySMTP yaysmtp allows Blind SQL Injection.This issue affects YaySMTP: from n/a through <= 2.6.4. Published: 2025-05-07T14:20:21.213Z Updated: 2026-04-28T16:12:46.186Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/yaysmtp/vulnerability/wordpress-yaysmtp-2-6-4-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.