What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20.
CVE-2024-25914
MEDIUM
CVE-2024-25914: WordPress SMTP Mail Plugin <= 1.3.20 is vulnerable to Cross Site Request Forgery (CSRF)
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
February 13, 2024
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-45752 WordPress Post Gallery Plugin <= 2.3.12 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2026-32755 Admidio is Missing CSRF Protection on Role Membership Date Changes
CVE-2023-51530 WordPress GS Logo Slider Plugin <= 3.5.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-43947 WordPress WP Armour Extended plugin <= 1.26 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2023-4923 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion
