Unrated severityNVD Advisory· Published Jan 16, 2024· Updated Jun 2, 2025
POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF
CVE-2023-3178
Description
The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.5.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.