VYPR
Unrated severity · NVD Advisory · Published Jun 13, 2022 · Updated Aug 3, 2024

Webriti SMTP Mail <= 1.0 - Arbitrary Settings Update via CSRF

CVE-2022-1612

Description

The Webriti SMTP Mail WordPress plugin through 1.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.


Vulnerability mechanics

Root cause

"Missing CSRF nonce check on the plugin's settings-update endpoint allows an attacker to forge requests that modify the SMTP mail configuration."

Attack vector

An attacker crafts a malicious page or link that, when visited by a logged-in WordPress administrator, triggers a cross-site request forgery (CSRF) attack [CWE-352]. Because the plugin's settings-update endpoint lacks a CSRF nonce check, the forged request silently changes the SMTP mail settings [ref_id=1]. The attacker does not need any special network position beyond being able to deliver the crafted request to the victim admin.

Affected code

The advisory does not specify exact file paths or function names. The vulnerability is in the settings-update handler of the Webriti SMTP Mail plugin through version 1.0 [ref_id=1].

What the fix does

The advisory states there is "no known fix" [ref_id=1]. To remediate the issue, the plugin should add a CSRF nonce check (e.g., using `wp_nonce_field()` and `check_admin_referer()`) to the settings-update handler so that only intentionally submitted requests from the admin are accepted.
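To make the remediation concrete, the following is an added illustration (not the plugin's own code, and not taken from the advisory) of the vulnerable pattern beside the hardened one. The option name `example_smtp_settings`, the nonce action `example_smtp_save`, the field names and the `vypr_example_*` function names are assumptions; only `wp_nonce_field()`, `check_admin_referer()` and the other WordPress core functions used are real APIs.

```php
<?php
// Added example, not code from the Webriti SMTP Mail plugin.
// Option name, nonce action, field names and function names are assumptions.

// ---------------------------------------------------------------------
// Vulnerable pattern: settings are written on any POST from an admin.
// A capability check alone does not stop CSRF, because the forged request
// is sent by the logged-in admin's own browser and carries their cookies.
// ---------------------------------------------------------------------
function vypr_example_vulnerable_save_settings() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    if ( ! isset( $_POST['smtp_host'] ) ) {
        return;
    }
    // No nonce check here: a cross-site form post is indistinguishable
    // from a deliberate submission of the plugin's own settings page.
    update_option( 'example_smtp_settings', array(
        'host' => sanitize_text_field( wp_unslash( $_POST['smtp_host'] ) ),
        'port' => absint( $_POST['smtp_port'] ?? 25 ),
        'user' => sanitize_text_field( wp_unslash( $_POST['smtp_user'] ?? '' ) ),
    ) );
}

// ---------------------------------------------------------------------
// Hardened pattern: the settings form embeds a nonce bound to a specific
// action, and the handler refuses to write anything unless that nonce
// verifies for the current user.
// ---------------------------------------------------------------------
function vypr_example_render_settings_form() {
    $opts = get_option( 'example_smtp_settings', array() );
    ?>
    <form method="post" action="">
        <?php
        // Emits a hidden field named "example_smtp_nonce" (plus a referer
        // field) tied to the "example_smtp_save" action and the current user.
        wp_nonce_field( 'example_smtp_save', 'example_smtp_nonce' );
        ?>
        <label>Host <input type="text" name="smtp_host"
               value="<?php echo esc_attr( $opts['host'] ?? '' ); ?>"></label>
        <label>Port <input type="number" name="smtp_port"
               value="<?php echo esc_attr( $opts['port'] ?? 25 ); ?>"></label>
        <label>User <input type="text" name="smtp_user"
               value="<?php echo esc_attr( $opts['user'] ?? '' ); ?>"></label>
        <?php submit_button( 'Save SMTP settings' ); ?>
    </form>
    <?php
}

function vypr_example_hardened_save_settings() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    if ( ! isset( $_POST['smtp_host'] ) ) {
        return;
    }
    // check_admin_referer() validates the nonce for this action and user
    // (and the referer) and calls wp_die() on failure, so a forged request
    // never reaches update_option().
    check_admin_referer( 'example_smtp_save', 'example_smtp_nonce' );

    update_option( 'example_smtp_settings', array(
        'host' => sanitize_text_field( wp_unslash( $_POST['smtp_host'] ) ),
        'port' => absint( $_POST['smtp_port'] ?? 25 ),
        'user' => sanitize_text_field( wp_unslash( $_POST['smtp_user'] ?? '' ) ),
    ) );
}

// Hook the hardened handler; the vulnerable one is shown for contrast only.
add_action( 'admin_init', 'vypr_example_hardened_save_settings' );
```

The nonce must be generated by the plugin's own form and checked before any write; a request arriving without it (or with one minted for another user or action) is rejected by `check_admin_referer()`. Where a handler should fail quietly instead of calling `wp_die()`, the same check can be done with `wp_verify_nonce()` and an early return.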

Preconditions

  • auth: A WordPress administrator must be logged in and visit a page or link controlled by the attacker.
  • input: The attacker must be able to craft a cross-site request (e.g., via a malicious HTML page or a direct link) that targets the plugin's settings-update endpoint.
  • config: The Webriti SMTP Mail plugin (version <= 1.0) must be installed and active on the target WordPress site.

Generated on May 24, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
