A broken access control vulnerability has been discovered in the Gravity SMTP plugin, posing a moderate security risk to websites using this plugin. The vulnerability, which has been assigned a CVSS score of 7.1, is expected to be exploited in mass-attack campaigns. These types of vulnerabilities are often used by attackers to target thousands of websites simultaneously, regardless of their size or popularity.
The issue arises from a missing authorization, authentication, or nonce token check in one of the plugin's functions: the code performs a privileged action without first verifying that the caller has the required capability and that the request carries a valid nonce. This oversight allows an unprivileged, low-role user to execute actions that should require higher privileges, potentially compromising the security of the affected website. Such vulnerabilities are particularly concerning because they can be exploited en masse, making them attractive targets for cybercriminals.
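To make the missing-check pattern concrete, the following added example (not Gravity SMTP's code, and not taken from the Patchstack advisory) contrasts a WordPress AJAX handler that performs a privileged "uninstall" action without any check against a hardened version that verifies a nonce and a capability before acting. The hook name, function names, nonce action and option key are hypothetical placeholders; only the WordPress API calls (`check_ajax_referer`, `current_user_can`, `wp_send_json_*`, `delete_option`) are real.

```php
<?php
// Added illustration of a broken-access-control pattern in a WordPress plugin.
// Names below (example_plugin_*, 'example_plugin_settings') are hypothetical.

// --- Vulnerable pattern (shown for contrast, intentionally NOT hooked) ---
// wp_ajax_* handlers are reachable by any logged-in user, including subscribers.
// Because this function checks neither a nonce nor a capability, any
// authenticated account could trigger the privileged side effect.
function example_plugin_uninstall_unchecked() {
    delete_option( 'example_plugin_settings' ); // privileged action, no check
    wp_send_json_success();
}

// --- Hardened pattern ---
add_action( 'wp_ajax_example_plugin_uninstall', 'example_plugin_uninstall_checked' );

function example_plugin_uninstall_checked() {
    // 1. Nonce check (CSRF protection): the request must carry a token that was
    //    minted for this specific action. check_ajax_referer() terminates the
    //    request with an error response if the token is missing or invalid.
    check_ajax_referer( 'example_plugin_uninstall', 'nonce' );

    // 2. Capability check (authorization): a valid nonce proves the request came
    //    from the plugin's own UI, not that the user is allowed to uninstall.
    //    Only roles that may manage plugins pass this check; subscribers do not.
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // Both checks passed: perform the privileged action.
    delete_option( 'example_plugin_settings' );
    wp_send_json_success();
}

// The admin page that triggers the handler mints the token the nonce check
// expects, e.g. via wp_create_nonce( 'example_plugin_uninstall' ), and passes
// it to the front-end script with wp_localize_script().
```

Both checks are needed: a nonce alone does not express who is allowed to perform the action, and a capability check alone leaves the action open to cross-site request forgery against an administrator's browser session. When reviewing a plugin for this class of bug, look at every `wp_ajax_*`, `admin_post_*`, REST `permission_callback` and `admin-init` handler and confirm that a state-changing branch cannot be reached without both verifications.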
The Common Vulnerability Scoring System (CVSS) is used to evaluate and rank reported vulnerabilities in a standardized manner. However, it is not always ideal for assessing vulnerabilities specific to WordPress plugins, as it may not fully capture the unique risks associated with these platforms.
The impact of this vulnerability could be significant, as it may allow unauthorized users to perform actions that could disrupt website operations or lead to data breaches. Website administrators using the Gravity SMTP plugin should be vigilant and take immediate action to mitigate potential risks.
To protect against this vulnerability, it is recommended that users update the affected plugin as soon as possible. If updating is not feasible, website owners should seek assistance from their hosting provider or a web developer to ensure their site remains secure.
Source: https://patchstack.com/database/wordpress/plugin/gravitysmtp/vulnerability/wordpress-gravity-smtp-plugin-2-1-4-missing-authorization-to-authenticated-subscriber-plugin-uninstall-vulnerability