Filter
Exclude
Time range
-
Near
Sienna Web Designs@siennawebdesign
4 Nov 2025
400,000 #WordPress Sites Affected by #AccountTakeover #Vulnerability in #PostSMTP WordPress #Plugin Ask us about our Virtual Webmaster services if you don't have someone monitoring your #website(s) for #Security, #Plugin, #Theme, #WPCore #vulnerabilities wordfence.com/blog/2025/11/4…

400,000 WordPress Sites Affected by Account Takeover Vulnerability in Post SMTP WordPress Plugin

On October 11th, 2025, we received a submission for an Account Takeover via Email Log Disclosure vulnerability in Post SMTP, a WordPress plugin with more than 400,000 active installations.

wordfence.com
1
4
68
Sam Stepanyan@securestep9
1 Nov 2025
#Wordpress: CVE-2025-11833 (CVSS 9.8) Critical Flaw in #PostSMTP Plugin Exposes 400,000 WordPress Sites to Unauthenticated Account Takeover: 👇 securityonline.info/cve-2025…

CVE-2025-11833 (CVSS 9.8): Critical Flaw Exposes 400,000 WordPress Sites to Unauthenticated Account...

Urgent patch for Post SMTP plugin. A CVSS 9.8 flaw lets unauthenticated attackers read email logs and steal password reset links to take over accounts.

securityonline.info
2
1
4
493
crypto_ger
@crypto_ger1
2 Aug 2025
🚨 Critical vuln in Post SMTP WP plugin affects 40K crypto sites. Unpatched = easy admin takeover via REST API. Running it? Patch NOW or risk getting rekt. 🔐 #WordPress #CyberSecurity #CryptoSecurity #PostSMTP #WPsec #VulnAlert #Infosec
1
2
46
سايبركاست
@cyberscastx
28 Jul 2025
ثغرة حرجة تهدد أكثر من 400 ألف موقع ووردبريس! اكتشف باحث أمني خللاً في اضافة @PostSMTP يسمح لأي مستخدم مُسجّل بالوصول لبيانات حساسة وإعادة تعيين كلمات مرور المدراء 🛑 رمزها CVE-2025-24000 – صدر التحديث في 11 يونيو… ولكن 200 ألف موقع لم تُحدث بعد
1
2
15
2,633
Hackread.com@HackRead
28 Jul 2025
A now-patched flaw in the #PostSMTP WordPress plugin let Subscriber-level users take over Admin accounts by accessing email logs like password reset links. Update the plugin to version 3.3.0. 🔗 hackread.com/post-smtp-plugi… #CyberSecurity #WordPress #Vulnerability #Plugin #Privacy

Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

hackread.com
1
3
781
Cybersecurity News Everyday
@TweetThreatNews
28 Jul 2025
A critical vulnerability (CVE-2025-24000) in the Post SMTP WordPress plugin, used on over 400,000 sites, allows attackers to take full control by exploiting broken access controls. Many sites remain vulnerable despite a patch. #PostSMTP #WPUpdate #UK ift.tt/gImTWED

Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations

A critical vulnerability in the Post SMTP WordPress plugin allows attackers to take full control of compromised websites by exploiting broken access control. Many websites remain vulnerable despite a...

hendryadrian.com
2
178
Sienna Web Designs@siennawebdesign
8 Mar 2025
#WordPress #PostSMTP #Plugin <= 3.1.2 is vulnerable to #SQLInjection patchstack.com/database/word… Ask us about our Virtual Webmaster services if you don't have someone monitoring your #website(s) for #Security, #Plugin, #Theme, #WPCore, #PHP #vulnerabilities.

SQL Injection in WordPress Post SMTP Plugin

Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.

patchstack.com
1
3
35
Sienna Web Designs@siennawebdesign
18 Feb 2025
[#Priority] #WordPress #PostSMTP #Plugin <= 3.0.2 is #vulnerable to Cross Site Scripting (#XSS) patchstack.com/database/word… Ask us about our Virtual Webmaster services if you don't have someone monitoring your #website(s) for #Security, #Plugin, #Theme, #WPCore #vulnerabilities.

Cross Site Scripting (XSS) in WordPress Post SMTP Plugin

Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.

patchstack.com
1
1
3
120
Simon Harper ☕💻@SRHDesign
11 Dec 2024
This week in #WordPress: @jameswlepage, @TheWPMinute, @postmarkapp, @brevo_official, @mailjet, @PostSMTP, @Solid_WP, @mysitesguru, @kinsta, @rmelogli, @WPConciergeCo, @Cloudflare, @WooCommerce, @krautpress, @briancoords, @ryanwelcher, @nickmdiego, @DotheWoo, @thewpweekly & more!
2
6
293
Post SMTP@PostSMTP
4 Jul 2024
Sender Policy Framework (SPF) is an email domain authentication method that helps servers verify if emails from your domain are truly sent by you. Need help setting up an SPF record for Office 365? Here's a guide: postmansmtp.com/spf-record-f… #SPF #Office365 #PostSMTP

How to Set Up SPF Record for Office 365 [2024]

Check out our detailed guide on how to set up an SPF record for Office 365 via any web hosting provider to improve your WordPress email deliverability.

postmansmtp.com
1
2
49
Tara Singh Kharwad@tarasi7261
3 May 2024
Was finding a free #SMTP service and got to know about GmailAPI and it is awesome, especially when used with @PostSMTP plugin of @WordPress with very amazing and simple design.
3
1
7
154
The WP Weekly@thewpweekly
15 Apr 2024
WP Weekly 189... is out. - 2 New SMTP Plugins - $5000 WP Websites - Does WP Scale? - No PHP 7.0 & 7.1 Support thewpweekly.com/issue-189/ #WordPress stories from @swissspidy @gravityforms @NagdyWP @multicollab @PostSMTP @MyMainWP @HariShanker @MRcrocoblock

WP Weekly 189 - $5K Sites - SMTP Plugins, Prefetched Loading, Does WP Scale

New SMTP plugins from Gravity Forms and Post SMTP, prefetched pages with speculative loading, does WordPress scale big, websites less than $5000, Woo .com back to WooCommerce .com, Automattic...

thewpweekly.com
1
3
6
322
MainWP
@MyMainWP
9 Apr 2024
We are so excited to announce our partnership with @PostSMTP. Centralized, simplified email management across multiple WordPress sites has never been easier. Plus. . . It's FREE! #MainWP #Free #PostSMTP #EmailDelivery #WordPressPlugins #WordPress mainwp.com/mainwp-partners-w…

MainWP Partners with Post SMTP for Straightforward, Simple Email Management Across Your Child Sites...

In today's fast-paced digital world, managing communication across multiple WordPress sites can be a major task. The constant influx of emails, coupled with the need for reliable delivery, often...

mainwp.com
1
3
3
262
Yoast
@yoast
23 Feb 2024
Replying to @WP_Okulu @insta_wp @wordfence @all_noodles @PostSMTP @servmask
Hey there! ! Being on your list of top plugins means the world to us🙏 💜
2
47
InstaWP
@insta_wp
9 Feb 2024
Thank you, @PostSMTP, for the warm welcome! We're excited for this collaboration and can't wait to see the incredible impact we'll make together on WordPress email deliverability.
Post SMTP@PostSMTP
9 Feb 2024
CONGRATULATIONS 🎊 Post SMTP shook hands with @insta_wp to instantly check WordPress email deliverability. Read More: postmansmtp.com/post-smtp-an… #PostSMTP #InstaWP #Collaboration #Emails #WordPress #InstantChecking
1
4
10
680
Post SMTP@PostSMTP
9 Feb 2024
CONGRATULATIONS 🎊 Post SMTP shook hands with @insta_wp to instantly check WordPress email deliverability. Read More: postmansmtp.com/post-smtp-an… #PostSMTP #InstaWP #Collaboration #Emails #WordPress #InstantChecking

Post SMTP Joins InstaWP to Transform WordPress Development

Now you can pre-install Post SMTP on your InstaWP site in three simple steps to enhance WordPress email deliverability during testing.

postmansmtp.com
4
784
Gregg Housh@GreggHoush
12 Jan 2024
It checks for wp-json responding, then checks for PostSMTP existing, then enumerates users and starts sending off password resets. It then checks PostSMTP logs somehow and gets the reset token from the logs. After that it logs in and edits functions.php.
1
1
138
Gregg Housh@GreggHoush
12 Jan 2024
I help friends and family run their various websites, all on @WordPress because it easy. It looks like there is an active WordPress PostSMTP plugin exploit going on right now. It successfully resets passwords without receiving the password email. #infosec
1
2
2
884
Post SMTP@PostSMTP
4 Jan 2024
Here's the Post SMTP mobile app! Now, keep track of your WordPress emails anytime, anywhere. ✅ Email Tracking Anywhere ✅ Get Instant Failure Alerts ✅ Resend failed emails with one tap ✅ Email preview on smartphone & much more #PostSMTP #WordPress #Emails #MobileApp
1:18
2
2
256
Sienna Web Designs@siennawebdesign
2 Jan 2024
[#HighSeverity] #POSTSMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for #WordPress <= 2.8.7 - Multiple vulnerabilities wordfence.com/threat-intel/v… Message me if you need help monitoring your #website(s) for #Security #vulnerabilities.

POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <=...

wordfence.com
1
3
65
Load more