all InfoSec news
Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin
Wordfence www.wordfence.com
On December 14th, 2023, during our Bug Bounty Program Holiday Bug Extravaganza, we received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability makes it possible for unauthenticated threat actors to reset the API key used to authenticate to the mailer and view ...
Read More
The post Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin appeared first on Wordfence.
api authorization bounty bug bug bounty bug bounty program bypass bypass vulnerability december holiday key plugin program research reset smtp submission threat threat actors unauthenticated vulnerabilities vulnerability wordpress wordpress plugin wordpress security