Friday, 10 July 2026

Critical Vulnerability in WordPress Post SMTP Plugin Patched

A major security vulnerability (CVE-2025-11833) has been discovered in the widely used Post SMTP plugin for WordPress. A malicious user could exploit this vulnerability to bypass security restrictions, perform privilege escalation, and achieve administrator account takeover on the targeted system.

Administrators are strongly advised to update the Post SMTP plugin to version 3.6.1 as quickly as possible.

Source: wordfence.com

10 November 2025

-
25