More than 200,000 WordPress websites are running a vulnerable version of the Post SMTP plugin that allows attackers to take over the administrator account.
Post SMTP is a popular email delivery plugin for WordPress with more than 400,000 active installations. It is marketed as a replacement for the default ‘wp_mail()’ function that is more reliable and feature-rich.
On May 23, a security researcher reported the vulnerability to WordPress security firm PatchStack. The flaw is now tracked as CVE-2025-24000 and received a medium severity score of 8.8.
The security issue affects all versions of Post SMTP up to 3.2.0 and stems from a broken access control mechanism in the plugin’s REST API endpoints, which only verified that a user was logged in, without checking their permission level.
This means that low-privileged users, such as Subscribers, could access email logs containing full email content.
On vulnerable sites, a subscriber could initiate a password reset for an Administrator account, read the reset email from the logs, and gain control of the account.

Supply: PatchStack
The plugin’s developer, Saad Iqbal, was informed about the flaw and responded with a fix for Patchstack to review on May 26.
The solution was to add further privilege checks to the ‘get_logs_permission’ function so that a user’s permissions are validated before access is granted to sensitive API calls.
The fix was incorporated into Post SMTP version 3.3.0, which was published on June 11.
Download statistics on WordPress.org show that less than half of the plugin’s user base (48.5%) has updated to version 3.3. This means that more than 200,000 websites remain vulnerable to CVE-2025-24000.
A notable 24.2%, corresponding to 96,800 sites, still run Post SMTP versions from the 2.x branch, which is affected by additional security flaws, leaving them open to attacks.
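The following is an added illustration of the bug class described above, not code from Post SMTP or its developer. It shows a WordPress REST route whose permission callback only checks that a user is logged in (the pattern the advisory describes), next to a hardened version that checks a capability. The route namespace, the callback names and the `hypothetical_` prefix are assumptions made for this example; `register_rest_route()`, `is_user_logged_in()`, `current_user_can()` and the `manage_options` capability are standard WordPress APIs.

```php
<?php
// Added example, not Post SMTP's own code. Route names and the
// 'hypothetical_' prefix are assumptions for illustration only.

// Weak check: any authenticated user passes, including a Subscriber.
// This is the access-control gap the advisory describes: "logged in"
// is not the same as "allowed to read email logs".
function hypothetical_get_logs_permission_weak( WP_REST_Request $request ) {
    return is_user_logged_in();
}

// Hardened check: require a capability that, in a default install,
// only the Administrator role holds. The REST server returns a 403
// when the permission callback returns false.
function hypothetical_get_logs_permission_fixed( WP_REST_Request $request ) {
    return current_user_can( 'manage_options' );
}

// Route handler. A real plugin would query its log table here; the
// body is a placeholder so the example stays self-contained.
function hypothetical_get_logs( WP_REST_Request $request ) {
    return rest_ensure_response( array( 'logs' => array() ) );
}

add_action( 'rest_api_init', function () {
    register_rest_route( 'hypothetical-mailer/v1', '/logs', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'hypothetical_get_logs',
        // Swap in the _weak callback to reproduce the vulnerable behaviour
        // in a test site; the _fixed callback is what a patch should use.
        'permission_callback' => 'hypothetical_get_logs_permission_fixed',
    ) );
} );
```

When reviewing a plugin for this class of issue, the thing to look for is a `permission_callback` that returns `is_user_logged_in()` or `__return_true` on a route that exposes sensitive data; the fix is a capability check appropriate to the data, applied before the handler runs.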