VYPR

SMTP by BestWebSoft

by WordPress

CVEs (1)

  • CVE-2024-13908HigMar 8, 2025
    risk 0.40cvss 7.2epss 0.01

    The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Administrator-level…