VYPR

SMTP Amazon Ses

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-54043HigJul 16, 2025
    risk 0.49cvss 7.6epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES smtp-amazon-ses allows SQL Injection.This issue affects SMTP for Amazon SES: from n/a through <= 1.9.

  • CVE-2025-3434HigApr 11, 2025
    risk 0.40cvss 7.2epss 0.00

    The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email Logs in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to…

  • CVE-2025-0957HigFeb 22, 2025
    risk 0.40cvss 7.2epss 0.00

    The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web…