Wp-ecommerce Easy Wp Smtp — known CVE vulnerabilities
Every CVE whose affected-product data names Wp-ecommerce Easy Wp Smtp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2019-25141 — CVSS 9.8 (critical): The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing…
CVE-2020-35234 — CVSS 7.5 (high): The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as exploited in the wild in December 2020. If an…
CVE-2022-3334 — CVSS 7.2 (high): The Easy WP SMTP WordPress plugin before 1.5.0 unserialises the content of an imported file, which could lead to PHP object injection issue…
CVE-2024-3073 — CVSS 2.7 (low): The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all…