The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability resend an email to an arbitrary address (for example a password reset email could be resent to an attacker controlled email, and allow them to take over an account).
[
{
"vendor": "Unknown",
"product": "POST SMTP Mailer",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "2.5.0",
"lessThan": "2.5.7"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]