VYPR

SureMail

by WordPress

CVEs (1)

  • CVE-2025-13516HigDec 2, 2025
    risk 0.46cvss 8.1epss 0.01

    The SureMail – SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's save_file() function in inc/emails/handler/uploads.php which duplicates all email…