CVE-2025-0916 | yaycommerce YaySMTP and Email Logs Plugin up to 2.6.2 on WordPress Any SMTP Service wp_kses_post cross site scripting

Inserito da Angelo Barbosa | Feb 19, 2025 | CVE

A vulnerability was found in yaycommerce YaySMTP and Email Logs Plugin up to 2.6.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function wp_kses_post of the component Any SMTP Service. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-0916. The attack can be launched remotely. There is no exploit available.

CVE-2025-0916 | yaycommerce YaySMTP and Email Logs Plugin up to 2.6.2 on WordPress Any SMTP Service wp_kses_post cross site scripting

Post correlati

CVE-2024-11686 | WhatsApp Click to Chat Plugin up to 3.0.4 on WordPress cross site scripting

CVE-2024-37678 | Hangzhou Meisoft Information Technology Finesoft up to 8.0 cross site scripting

CVE-2024-39150 | vditor up to 3.9.8 Data Packet path traversal

CVE-2022-48791 | Linux Kernel up to 5.10.101/5.15.24/5.16.10 pm8001 mpi_ssp_completion use after free