Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

Hundreds of thousands of websites may be exposed to account takeover attacks due to a critical-severity vulnerability in the email delivery WordPress plugin Post SMTP, Defiant warns.

Post SMTP versions up to 3.6.0 lack a capability check in a specific function, allowing unauthenticated attackers to read arbitrary logged emails sent through the plugin.

This can lead to complete site compromise: an attacker triggers a password reset for the site's administrator user and then retrieves the password reset email from the log data. Once the attacker has the reset key from that email, they can reset the password for that user and log in to the account, Defiant notes.

According to Defiant, in-the-wild exploitation of the security defect started roughly three days after patches were released. The WordPress security firm has blocked over 4,500 attacks to date.

For more details, read the full article here.
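To illustrate the class of bug described above, here is an added example (not Post SMTP's own code, and not the vulnerable function the article refers to) of a WordPress REST route that serves a plugin's email log: first registered with no effective authorization check, then with a capability check enforced both on the route and inside the handler. All `postsmtp_demo_*` names and the option key are assumptions made for this example.

```php
<?php
// Added illustrative example, not Post SMTP's code. The postsmtp_demo_*
// names and the 'postsmtp_demo_email_log' option key are assumptions.

// Weak pattern: the route is reachable by anyone, so every logged message,
// including a freshly generated password reset email, is readable without
// an account on the site.
function postsmtp_demo_register_weak_route() {
    register_rest_route( 'postsmtp-demo/v1', '/logs', array(
        'methods'             => 'GET',
        'callback'            => 'postsmtp_demo_read_logs_unchecked',
        'permission_callback' => '__return_true', // missing capability check
    ) );
}

function postsmtp_demo_read_logs_unchecked( WP_REST_Request $request ) {
    return rest_ensure_response( get_option( 'postsmtp_demo_email_log', array() ) );
}

// Hardened pattern: only users allowed to manage the site may read the log,
// and the check is made before any data is loaded.
function postsmtp_demo_register_hardened_route() {
    register_rest_route( 'postsmtp-demo/v1', '/logs', array(
        'methods'             => 'GET',
        'callback'            => 'postsmtp_demo_read_logs',
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
    ) );
}

function postsmtp_demo_read_logs( WP_REST_Request $request ) {
    // Defence in depth: re-check in the handler so the route fails closed
    // even if it is ever registered without a permission_callback.
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'rest_forbidden', 'Insufficient permissions.', array( 'status' => 403 ) );
    }
    $entries = get_option( 'postsmtp_demo_email_log', array() );
    // Return metadata only; message bodies are where reset links live and
    // are not needed for delivery troubleshooting.
    $safe = array_map( function ( $e ) {
        return array( 'to' => $e['to'], 'subject' => $e['subject'], 'sent' => $e['sent'] );
    }, $entries );
    return rest_ensure_response( $safe );
}

add_action( 'rest_api_init', 'postsmtp_demo_register_hardened_route' );
```

The weak route is kept only for comparison; a site should register the hardened one.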

This post is licensed under CC BY 4.0 by the author.