Test ID:	1.3.6.1.4.1.25623.1.0.126437
Category:	Web application abuses
Title:	WordPress Post SMTP Mailer/Email Log Plugin < 2.0.21 CSRF Vulnerability
Summary:	The WordPress plugin 'Post SMTP Mailer/Email Log' is prone to a; cross-site request forgery (CSRF) vulnerability.
Description:	Summary: The WordPress plugin 'Post SMTP Mailer/Email Log' is prone to a cross-site request forgery (CSRF) vulnerability. Vulnerability Insight: CSRF due to missing or incorrect nonce validation on the handleCsvExport() function. Affected Software/OS: WordPress Post SMTP Mailer/Email Log plugin prior to version 2.0.21 Solution: Update to version 2.0.21 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-4422 https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/ https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/ https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/ https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/ https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/ https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/ https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/ https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473579%40post-smtp&new=2473579%40post-smtp&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/e018ca7c-06dd-4d40-91d4-4ed188b8aaf2?source=cve
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.