WordPress Easy WP SMTP plugin versions 1.4.2 and below
MImproper access control vulnerability was identified in the WordPress easy WP SMTP plugin, which could lead an unauthorized user to reset the administrator password among other security-related issues.
This vulnerability exists due to improper access restrictions. An attacker could access the debug log and use the password reset link to reset the administrator password.
Successful exploitation of this vulnerability leads the attacker to take control of the website and run restricted commands.
✻ Exposing sensitive information to unauthorized parties
✻ Unauthorized access to the website
✻ Denial of access to the website
✻ Update to a version higher than version 1.4.2
The information provided herein is on "as is" basis, without warranty of any kind.