Post SMTP - Geek Feed

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

November 7, 2025November 7, 2025 geekfeed0Tagged Account takeover, CVE-2025-11833, email, Plugin, Post SMTP, vulnerability, wordpress

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. Post SMTP is a popular email delivery solution marketed as a feature-rich and more reliable replacement of the default ‘wp_mail()’ function. On October 11, WordPress security firm Wordfence received […]

2 mins read

Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks

July 29, 2025July 29, 2025 geekfeed0Tagged Account takeover, CVE-2025-24000, email, Plugin, Post SMTP, vulnerability, wordpress

More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. Post SMTP is a popular email delivery plugin for WordPress that counts more than 400,000 active installations. It’s marketed as a replacement of the default ‘wp_mail()’ function that is more […]

1 min read